CVE-2017-9421

2018-05-2413:00:00

mitre

www.cve.org

AI Score

6.7

Confidence

High

EPSS

0.002

Percentile

51.6%

JSON

Authentication Bypass vulnerability in Accellion kiteworks before 2017.01.00 allows remote attackers to execute certain API calls on behalf of a web user using a gathered token via a POST request to /oauth/token.

References

github.com/jer1nj0y/Vulns/blob/master/Kiteworks%20Vulnerability