Improper access control

2015-10-1918:59:00

PRIOn knowledge base

www.prio-n.com

7.2 High

AI Score

Confidence

Low

0.002 Low

EPSS

Percentile

55.5%

JSON

Persistent Accelerite Radia Client Automation (formerly HP Client Automation) 7.9 through 9.1 before 2015-02-19 improperly implements the Role Based Access Control feature, which might allow remote attackers to modify an account’s role assignments via unspecified vectors.

CPENameOperatorVersion
radia_client_automationeq8.1
radia_client_automationeq9.0
radia_client_automationeq9.1
radia_client_automationeq7.9

Name	Operator	Version
radia_client_automation	eq	8.1
radia_client_automation	eq	9.0
radia_client_automation	eq	9.1
radia_client_automation	eq	7.9

References

www.securitytracker.com/id/1033862

support.accelerite.com/hc/en-us/articles/203659814-Accelerite-releases-solutions-and-best-practices-to-enhance-the-security-for-RBAC-and-Remote-Notify-features