6.7 Medium
AI Score
Confidence
Low
0.007 Low
EPSS
Percentile
80.8%
Livetecs Timelive before 6.2.8 does not properly restrict access to systemsetting.aspx, which allows remote attackers to change configurations and obtain the database connection string and credentials via unspecified vectors.