Lucene search
PRIOn knowledge basePRION:CVE-2020-8495HistoryJan 30, 2020 - 10:15 p.m.
Code injection
2020-01-3022:15:00
PRIOn knowledge base
www.prio-n.com
In Kronos Web Time and Attendance (webTA) 3.8.x and later 3.x versions before 4.0, the com.threeis.webta.H491delegate servlet allows an attacker with Timekeeper or Supervisor privileges to gain unauthorized administrative privileges within the application via the delegate, delegateRole, and delegatorUserId parameters.
| CPE | Name | Operator | Version |
|---|---|---|---|
| web_time_and_attendance | ge | 3.8 | |
| web_time_and_attendance | lt | 4.0 |
Related
cvelist
cvelist
CVE-2020-8495
2020-01-30 21:18:15
nvd
nvd
CVE-2020-8495
2020-01-30 22:15:10
checkpoint_advisories
checkpoint_advisories
Kronos Web Time And Attendance Privilege Escalation (CVE-2020-8495)
2021-03-28 00:00:00
cve
cve
CVE-2020-8495
2020-01-30 22:15:10
zdt
zdt
Kronos WebTA 4.0 - Authenticated Remote Privilege Escalation Exploit
2020-02-05 00:00:00
exploitpack
exploitpack
Kronos WebTA 4.0 - Authenticated Remote Privilege Escalation
2020-02-05 00:00:00
packetstorm
packetstorm
Kronos WebTA 4.0 Privilege Escalation / Cross Site Scripting
2020-02-05 00:00:00
exploitdb
exploitdb
Kronos WebTA 4.0 - Authenticated Remote Privilege Escalation
2020-02-05 00:00:00