Описание
Cybele Software Thinfinity Workspace before v7.0.2.113 was discovered to contain an access control issue in the Create Profile section. This vulnerability allows attackers to create arbitrary user profiles with elevated privileges.
Ссылки
- Vendor Advisory
Уязвимые конфигурации
Конфигурация 1Версия до 7.0.2.113 (исключая)
cpe:2.3:a:cybelesoft:thinfinity_workspace:*:*:*:*:*:*:*:*
EPSS
Процентиль: 53%
0.00298
Низкий
7.3 High
CVSS3
Дефекты
CWE-306
Связанные уязвимости
CVSS3: 7.3
github
около 1 года назад
Cybele Software Thinfinity Workspace before v7.0.2.113 was discovered to contain an access control issue in the Create Profile section. This vulnerability allows attackers to create arbitrary user profiles with elevated privileges.
EPSS
Процентиль: 53%
0.00298
Низкий
7.3 High
CVSS3
Дефекты
CWE-306