10 matches found
EUVD-2023-29677
Malicious code in bioql PyPI...
CVE-2023-25780
It is identified a vulnerability of insufficient authentication in an important specific function of Status PowerBPM. A LAN attacker with normal user privilege can exploit this vulnerability to modify substitute agent to arbitrary users, resulting in serious consequence...
CVE-2023-25780
It is identified a vulnerability of insufficient authentication in an important specific function of Status PowerBPM. A LAN attacker with normal user privilege can exploit this vulnerability to modify substitute agent to arbitrary users, resulting in serious consequence...
Authentication flaw
It is identified a vulnerability of insufficient authentication in an important specific function of Status PowerBPM. A LAN attacker with normal user privilege can exploit this vulnerability to modify substitute agent to arbitrary users, resulting in serious consequence...
CVE-2023-25780 Status Internet Co.,Ltd. PowerBPM - Broken Access Control
It is identified a vulnerability of insufficient authentication in an important specific function of Status PowerBPM. A LAN attacker with normal user privilege can exploit this vulnerability to modify substitute agent to arbitrary users, resulting in serious consequence...
Status PowerBPM 访问控制错误漏洞
Status PowerBPM is a BPM system from Status. An Access Control Error vulnerability exists in Status PowerBPM v2.0, which stems from insufficient authentication, and can be exploited by an attacker on a local area network with normal user privileges to modify an alternate agent to an arbitrary use...
CVE-2023-25780 Status Internet Co.,Ltd. PowerBPM - Broken Access Control
It is identified a vulnerability of insufficient authentication in an important specific function of Status PowerBPM. A LAN attacker with normal user privilege can exploit this vulnerability to modify substitute agent to arbitrary users, resulting in serious consequence...
CVE-2023-25780
Status PowerBPM is affected by an access control/authentication flaw. The vulnerability allows a LAN attacker with normal user privileges to modify the substitute agent for arbitrary users, potentially leading to serious consequences. Documents refer to insufficient authentication in a specific S...
PT-2023-20297 · Unknown · Status Powerbpm
Name of the Vulnerable Software and Affected Versions: Status PowerBPM affected versions not specified Description: The issue is related to insufficient authentication in a specific function of Status PowerBPM. A LAN attacker with normal user privileges can exploit this to modify the substitute...
CVE-2023-25780
It is identified a vulnerability of insufficient authentication in an important specific function of Status PowerBPM. A LAN attacker with normal user privilege can exploit this vulnerability to modify substitute agent to arbitrary users, resulting in serious consequence...