TXOne StellarOne has an improper access control privilege escalation vulnerability in every version before V2.0.1160 that could allow a malicious, falsely authenticated user to escalate his privileges to administrator level. With these privileges, an attacker could perform actions they are not authorized to.
Please note: an attacker must first obtain a low-privileged authenticated userβs profile on the target system in order to exploit this vulnerability.
[
{
"vendor": "Trend Micro, Inc.",
"product": "TXOne Networks StellarOne",
"versions": [
{
"version": "2.0",
"status": "affected",
"versionType": "semver",
"lessThan": "2.0.1160"
}
]
}
]