2 matches found
Subex ROC Partner Settlement Insecure Direct Object Reference (IDOR) Vulnerability
Subex ROC Partner Settlement is a scalable partner management platform from Subex India. The platform supports features such as billing and revenue management. A security vulnerability exists in the Change Password feature in Subex ROC Partner Settlement version 10.5. The vulnerability can be...
CVE-2020-9384
An Insecure Direct Object Reference IDOR vulnerability in the Change Password feature of Subex ROC Partner Settlement 10.5 allows remote authenticated users to achieve account takeover via manipulation of POST parameters. NOTE: This vulnerability may only affect a testing version of the applicati...