5 matches found
CVE-2023-25780
creationtimestamp| type| source ---|---|--- 2025-01-08 18:14:36+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/755...
CVE-2023-25780
It is identified a vulnerability of insufficient authentication in an important specific function of Status PowerBPM. A LAN attacker with normal user privilege can exploit this vulnerability to modify substitute agent to arbitrary users, resulting in serious consequence...
CVE-2023-25780 Status Internet Co.,Ltd. PowerBPM - Broken Access Control
It is identified a vulnerability of insufficient authentication in an important specific function of Status PowerBPM. A LAN attacker with normal user privilege can exploit this vulnerability to modify substitute agent to arbitrary users, resulting in serious consequence...
CVE-2023-25780 Status Internet Co.,Ltd. PowerBPM - Broken Access Control
It is identified a vulnerability of insufficient authentication in an important specific function of Status PowerBPM. A LAN attacker with normal user privilege can exploit this vulnerability to modify substitute agent to arbitrary users, resulting in serious consequence...
CVE-2023-25780
Status PowerBPM is affected by an access control/authentication flaw. The vulnerability allows a LAN attacker with normal user privileges to modify the substitute agent for arbitrary users, potentially leading to serious consequences. Documents refer to insufficient authentication in a specific S...