Описание
ClipBucket 5.5.2 is affected by an improper access control issue where the product is shipped or deployed with hardcoded default administrative credentials. An unauthenticated remote attacker can log in to the administrative panel using these default credentials, resulting in full administrative control of the application.
Ссылки
- Product
- ExploitMitigationThird Party Advisory
Уязвимые конфигурации
Конфигурация 1Версия от 5.3 (включая) до 5.5.2 (включая)
cpe:2.3:a:oxygenz:clipbucket:*:*:*:*:*:*:*:*
EPSS
Процентиль: 59%
0.0038
Низкий
9.8 Critical
CVSS3
Дефекты
CWE-798
Связанные уязвимости
CVSS3: 9.8
github
около 2 месяцев назад
ClipBucket 5.5.2 is affected by an improper access control issue where the product is shipped or deployed with hardcoded default administrative credentials. An unauthenticated remote attacker can log in to the administrative panel using these default credentials, resulting in full administrative control of the application.
EPSS
Процентиль: 59%
0.0038
Низкий
9.8 Critical
CVSS3
Дефекты
CWE-798