6 matches found
CVE-2020-8495
In Kronos Web Time and Attendance webTA 3.8.x and later 3.x versions before 4.0, the com.threeis.webta.H491delegate servlet allows an attacker with Timekeeper or Supervisor privileges to gain unauthorized administrative privileges within the application via the delegate, delegateRole, and...
Kronos Web Time And Attendance Privilege Escalation (CVE-2020-8495)
A privilege escalation vulnerability exists in Kronos Web Time And Attendance. Successful exploitation of this vulnerability would allow a remote attacker to gain unauthorized access to the affected system...
Kronos WebTA 4.0 - Authenticated Remote Privilege Escalation Exploit
Exploit for java platform in category web applications Exploit Title: Kronos WebTA 4.0 - Authenticated Remote Privilege Escalation Discovered by: Elwood Buck & Nolan B. Kennedy of Mindpoint Group Exploit Author: Nolan B. Kennedy nxkennedy Discovery date: 2019-09-20 Vendor Homepage:...
Kronos WebTA 4.0 - Authenticated Remote Privilege Escalation
Kronos WebTA 4.0 - Authenticated Remote Privilege Escalation Exploit Title: Kronos WebTA 4.0 - Authenticated Remote Privilege Escalation Discovered by: Elwood Buck & Nolan B. Kennedy of Mindpoint Group Exploit Author: Nolan B. Kennedy nxkennedy Discovery date: 2019-09-20 Vendor Homepage:...
CVE-2020-8495
In Kronos Web Time and Attendance webTA 3.8.x and later 3.x versions before 4.0, the com.threeis.webta.H491delegate servlet allows an attacker with Timekeeper or Supervisor privileges to gain unauthorized administrative privileges within the application via the delegate, delegateRole, and...
CVE-2020-8495
Kronos WebTA 3.8.x and 3.x before 4.0 contains a privilege-escalation vulnerability in the com.threeis.webta.H491delegate servlet. An attacker with Timekeeper or Supervisor privileges can exploit the delegate, delegateRole, and delegatorUserId parameters to gain unauthorized administrative privil...