3 matches found
CVE-2017-15379
An authentication bypass exists in the E-Sic 1.0 /index aka login URI via '=''or' values for the username and password...
CVE-2017-15379
An authentication bypass exists in the E-Sic 1.0 /index aka login URI via '=''or' values for the username and password...
CVE-2017-15379
The CVE-2017-15379 entry covers an authentication bypass in E-Sic 1.0 at the /index (login) endpoint, exploitable via the username/password parameters using values like '=' or 'or'. Affected product: E-Sic 1.0; root cause: improper input validation in the login URI allows bypass of authentication...