5 matches found
FreeBPX < 16.0.44 Authentication Bypass
According to its self-reported version number, the FreePBOX application running on the remote host is prior to 16.0.44 or 17.x prior to 17.0.23. It is, therefore, affected by an authentication bypass when providing an Authorization header with an arbitrary value, a session is associated with the...
EUVD-2020-25250
Malware in sbrugna...
Privilege escalation
The SD-WAN Orchestrator 3.3.2 prior to 3.3.2 P3 and 3.4.x prior to 3.4.4 allows an access to set arbitrary authorization levels leading to a privilege escalation issue. An authenticated SD-WAN Orchestrator user may exploit an application weakness and call a vulnerable API to elevate their...
Vmware VMWare SD-WAN Orchestrator Authorization Issues Vulnerability
Vmware VMWare SD-WAN Orchestrator is a software from Vmware that orchestrates network data flows in a software-defined network architecture. The software provides Web pages to visually manage users, gateways, and authentication. An authorization issue vulnerability exists in VMware SD-WAN...
Authorization
Siemens SIMATIC STEP 7 TIA Portal before 13 SP1 determines a user's privileges on the basis of project-file fields that lack integrity protection, which allows remote attackers to establish arbitrary authorization data via a modified file...