Описание
Broken access control vulnerability in Geovision GV-ASWeb with version v6.1.0.0 or less. This vulnerability allows low privilege users perform actions that they aren't authorized to, which can be leveraged to escalate privileges, create, modify or delete accounts.
EPSS
Процентиль: 91%
0.06591
Низкий
8.8 High
CVSS3
Дефекты
CWE-284
Связанные уязвимости
CVSS3: 8.1
github
около 1 года назад
Incorrect access control in Geovision GV-ASWeb version 6.1.0.0 or less allows unauthorized attackers with low-level privileges to manage and create new user accounts via supplying a crafted HTTP request.
EPSS
Процентиль: 91%
0.06591
Низкий
8.8 High
CVSS3
Дефекты
CWE-284