Authentication flaw

2021-12-1412:15:00

PRIOn knowledge base

www.prio-n.com

9.3 High

AI Score

Confidence

High

0.003 Low

EPSS

Percentile

69.4%

JSON

A vulnerability has been identified in SiPass integrated V2.76 (All versions), SiPass integrated V2.80 (All versions), SiPass integrated V2.85 (All versions), Siveillance Identity V1.5 (All versions), Siveillance Identity V1.6 (All versions < V1.6.284.0). Affected applications insufficiently limit the access to the internal activity feed database. This could allow an unauthenticated remote attacker to read, modify or delete activity feed entries.

CPENameOperatorVersion
sipass_integratedeq2.85
sipass_integratedeq2.80
sipass_integratedeq2.76 sp1
sipass_integratedeq2.76
siveillance_identityeq1.5
siveillance_identityge1.6
siveillance_identityle1.6.280.0

Name	Operator	Version
sipass_integrated	eq	2.85
sipass_integrated	eq	2.80
sipass_integrated	eq	2.76 sp1
sipass_integrated	eq	2.76
siveillance_identity	eq	1.5
siveillance_identity	ge	1.6
siveillance_identity	le	1.6.280.0