Lucene search

K

MitreCVELIST:CVE-2019-16133

HistorySep 09, 2019 - 2:04 a.m.

CVE-2019-16133

2019-09-0902:04:46

mitre

www.cve.org

3

EPSS

0.001

Percentile

34.4%

An issue was discovered in eteams OA v4.0.34. Because the session is not strictly checked, the account names and passwords of all employees in the company can be obtained by an ordinary account. Specifically, the attacker sends a jsessionid value for URIs under app/profile/summary/.

References

www.iwantacve.cn/index.php/archives/271/

EPSS

0.001

Percentile

34.4%

Related for CVELIST:CVE-2019-16133

prion1 nvd1 cve1