GE Digital APM Classic, Versions 4.4 and prior. An insecure direct object reference (IDOR) vulnerability allows user account data to be downloaded in JavaScript object notation (JSON) format by users who should not have access to such functionality. An attacker can download sensitive data related to user accounts without having the proper privileges.
oryginał ENCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:NGe Asset Performance Management Classic
APPGe≤ 4.4
Powiązane podatności
GE Digital APM Classic, Versions 4.4 and prior. Salt is not used for hash calculation of passwords, making it ...
Buffer overflow w KEPServerEX umożliwiający crash lub wyciek danych
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Kepware KEPS...
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Kepware KEPS...
The affected products are vulnerable to an integer overflow or wraparound, which could allow an attacker to ...