ARC Informatique PcVue prior to version 12.0.17 is vulnerable to a denial-of-service attack due to the ability of an unauthorized user to modify information used to validate messages sent by legitimate web clients. This issue also affects third-party systems based on the Web Services Toolkit.
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:HPcvuesolutions Pcvue
APPPcvuesolutions8.10 β 12.0.17 (bez)
π΅
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
References
Related vulnerabilities
CVE-2020-26867CRITICAL9.8ten sam produkt
ARC Informatique PcVue prior to version 12.0.17 is vulnerable due to the deserialization of untrusted data, wh...
CVE-2020-26869HIGH7.5ten sam produkt
ARC Informatique PcVue prior to version 12.0.17 is vulnerable to information exposure, allowing unauthorized u...