6 matches found
CVE-2022-2193
Insecure Direct Object Reference vulnerability in HYPR Server before version 6.14.1 allows remote authenticated attackers to add a FIDO2 authenticator to arbitrary accounts via parameter tampering in the Device Manager page. This issue affects: HYPR Server versions prior to 6.14.1...
CVE-2022-2193
HYPR Server contains an Insecure Direct Object Reference (IDOR) in the Device Manager page. Remote authenticated attackers can tamper parameters to add a FIDO2 authenticator to arbitrary accounts. Affected: HYPR Server versions prior to 6.14.1. Remediation: upgrade to 6.14.1 or later.
CVE-2020-36531
A vulnerability, which was classified as critical, has been found in SevOne Network Management System up to 5.7.2.22. This issue affects the Device Manager Page. An injection leads to privilege escalation. The attack may be initiated remotely...
CVE-2020-36531
A vulnerability, which was classified as critical, has been found in SevOne Network Management System up to 5.7.2.22. This issue affects the Device Manager Page. An injection leads to privilege escalation. The attack may be initiated remotely...
Code injection
A vulnerability, which was classified as critical, has been found in SevOne Network Management System up to 5.7.2.22. This issue affects the Device Manager Page. An injection leads to privilege escalation. The attack may be initiated remotely...
CVE-2020-36531 SevOne Network Management System Device Manager Page injection
A vulnerability, which was classified as critical, has been found in SevOne Network Management System up to 5.7.2.22. This issue affects the Device Manager Page. An injection leads to privilege escalation. The attack may be initiated remotely...