Description
Codemers KLIMS 1.6.DEV lacks a proper access control mechanism, allowing a normal KLIMS user to perform all the actions that an admin can perform, such as modifying the configuration, creating a user, uploading files, etc.
References
- Product
- Exploit, Third Party Advisory
Vulnerable configurations
Configuration 1: versions up to and including 1.6_dev
cpe:2.3:a:codemers:klims:*:*:*:*:*:*:*:*
EPSS
Percentile: 30%
0.00113
Low
7.3 High
CVSS3
Weaknesses
CWE-284
Related vulnerabilities
CVSS3: 7.3
github
10 months ago
Codemers KLIMS 1.6.DEV lacks a proper access control mechanism, allowing a normal KLIMS user to perform all the actions that an admin can perform, such as modifying the configuration, creating a user, uploading files, etc.