Description
A flaw was found in the RHDM, where an authenticated attacker can change their assigned role in the response header. This flaw allows an attacker to gain admin privileges in the Business Central Console.
Affected packages
| Platform | Package | State | Recommendation | Release |
|---|---|---|---|---|
| Red Hat Decision Manager 7 | Business-central | Will not fix | | |
| Red Hat Process Automation 7 | Business-central | Will not fix | | |
Additional information
Status:
Moderate
Defect:
CWE-281
https://bugzilla.redhat.com/show_bug.cgi?id=1744801 RHDM: admin console auth bypass
7.1 High
CVSS3
Related vulnerabilities
CVSS3: 8.8
nvd
more than 3 years ago
A flaw was found in the RHDM, where an authenticated attacker can change their assigned role in the response header. This flaw allows an attacker to gain admin privileges in the Business Central Console.
CVSS3: 8.8
github
more than 3 years ago
A flaw was found in the RHDM, where an authenticated attacker can change their assigned role in the response header. This flaw allows an attacker to gain admin privileges in the Business Central Console.