Описание
The a+HRD developed by aEnrich has an Authentication Abuse vulnerability, allowing unauthenticated remote attackers to craft administrator access tokens and use them to access the system with elevated privileges.
Ссылки
- Third Party Advisory
- Third Party Advisory
- Press/Media CoverageThird Party Advisory
Уязвимые конфигурации
Конфигурация 1Версия до 7.5 (включая)
cpe:2.3:a:aenrich:a\+hrd:*:*:*:*:*:*:*:*
EPSS
Процентиль: 60%
0.00392
Низкий
9.8 Critical
CVSS3
Дефекты
CWE-1390
Связанные уязвимости
CVSS3: 9.8
github
3 месяца назад
The a+HRD developed by aEnrich has an Authentication Abuse vulnerability, allowing unauthenticated remote attackers to craft administrator access tokens and use them to access the system with elevated privileges.
EPSS
Процентиль: 60%
0.00392
Низкий
9.8 Critical
CVSS3
Дефекты
CWE-1390