Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cvelistMitreCVELIST:CVE-2021-43442
HistoryApr 11, 2022 - 6:34 p.m.

CVE-2021-43442

2022-04-1118:34:21
mitre
www.cve.org
3
logic flaw
i3 international inc
annexxus camera
administrator account
parameter manipulation
user permission

AI Score

8.2

Confidence

High

EPSS

0.001

Percentile

45.4%

JSON

A Logic Flaw vulnerability exists in i3 International Inc Annexxus Camera V5.2.0 build 150317 (Ax46), V5.0.9 build 151106 (Ax68), and V5.0.9 build 150615 (Ax78) due to a failure to allow the creation of more than one administrator account; however, this can be bypassed by parameter maniulation using PUT and DELETE and by calling the β€˜UserPermission’ endpoint with the ID of created account and set it to β€˜admin’ userType, successfully adding a second administrative account.

Related

nvd 1
prion 1
cve 1
zeroscience 1
nvd
nvd
CVE-2021-43442
2022-04-11 19:15:08
prion
prion
Design/Logic Flaw
2022-04-11 19:15:00
cve
cve
CVE-2021-43442
2022-04-11 19:15:08
zeroscience
zeroscience
i3 International Annexxus Cameras Ax-n 5.2.0 Application Logic Flaw
2021-11-01 00:00:00

AI Score

8.2

Confidence

High

EPSS

0.001

Percentile

45.4%

JSON
Related for CVELIST:CVE-2021-43442
nvd1prion1cve1zeroscience1