Описание
Affected devices do not properly enforce user authentication on specific API endpoints. This could facilitate an unauthenticated remote attacker to circumvent authentication and impersonate a legitimate user. Successful exploitation requires that the attacker has learned the identity of a legitimate user.
EPSS
Процентиль: 42%
0.00201
Низкий
10 Critical
CVSS3
Дефекты
CWE-639
Связанные уязвимости
CVSS3: 10
github
25 дней назад
Affected devices do not properly enforce user authentication on specific API endpoints. This could facilitate an unauthenticated remote attacker to circumvent authentication and impersonate a legitimate user. Successful exploitation requires that the attacker has learned the identity of a legitimate user.
EPSS
Процентиль: 42%
0.00201
Низкий
10 Critical
CVSS3
Дефекты
CWE-639