CVE-2018-5328

2018-01-15T21:29:00
ID CVE-2018-5328
Type cve
Reporter cve@mitre.org
Modified 2019-10-03T00:03:00

Description

ZUUSE BEIMS ContractorWeb .NET 5.18.0.0 allows access to various /UserManagement/ privileged modules without authenticating the user; an attacker can misuse these functionalities to perform unauthorized actions, as demonstrated by Edit User Details.