CVE-2020-25563

In SapphireIMS 5.0, it is possible to create local administrator on any client without requiring any credentials by directly accessing RemoteMgmtTaskSave Automation Tasks feature and not having a JSESSIONID...

Tecknodreams SapphireIMS Access Control Error Vulnerability

Tecknodreams SapphireIMS is an ITIL 2011 certified enterprise-class service management system from Tecknodreams India.A security vulnerability exists in Tecknodreams SapphireIMS version 5.0, which stems from direct access to the RemoteMgmtTaskSave feature and no JSESSIONID, which can be used to...

CVE-2020-25564

In SapphireIMS 5.0, it is possible to create local administrator on any client with credentials of a non-privileged user by directly accessing RemoteMgmtTaskSave Automation Tasks feature...

CVE-2020-25563

In SapphireIMS 5.0, it is possible to create local administrator on any client without requiring any credentials by directly accessing RemoteMgmtTaskSave Automation Tasks feature and not having a JSESSIONID...

CVE-2020-25563

In SapphireIMS 5.0, it is possible to create local administrator on any client without requiring any credentials by directly accessing RemoteMgmtTaskSave Automation Tasks feature and not having a JSESSIONID...

Information disclosure

In SapphireIMS 5.0, it is possible to create local administrator on any client with credentials of a non-privileged user by directly accessing RemoteMgmtTaskSave Automation Tasks feature...

Design/Logic Flaw

In SapphireIMS 5.0, it is possible to create local administrator on any client without requiring any credentials by directly accessing RemoteMgmtTaskSave Automation Tasks feature and not having a JSESSIONID...

CVE-2020-25564

CVE-2020-25564 : A privilege escalation in SapphireIMS 5.0 allows a non-privileged user to create a local administrator on any client by directly accessing the RemoteMgmtTaskSave (Automation Tasks) feature. The root cause is insufficient access control in the Automation Tasks pathway. Impact repo...

CVE-2020-25563

In SapphireIMS 5.0, it is possible to create local administrator on any client without requiring any credentials by directly accessing RemoteMgmtTaskSave Automation Tasks feature and not having a JSESSIONID...

CVE-2020-25563

SapphireIMS 5.0 is affected by an authentication-bypass vulnerability in the RemoteMgmtTaskSave (Automation Tasks) path that allows an unauthenticated user to create a local administrator on any client by accessing RemoteMgmtTaskSave without a JSESSIONID. Root cause: direct access to an automatio...

Tecknodreams SapphireIMS 访问控制错误漏洞

Tecknodreams SapphireIMS is an ITIL 2011 certified enterprise-class service management system from Tecknodreams India.A security vulnerability exists in Tecknodreams SapphireIMS version 5.0, which stems from direct access to the RemoteMgmtTaskSave feature and no JSESSIONID, which can be used to...