3 matches found
EUVD-2019-16274
Malware in sbrugna...
Cross site request forgery (csrf)
An unauthenticated Insecure Direct Object Reference IDOR in Wicket Core in LogonBox Nervepoint Access Manager 2013 through 2017 allows a remote attacker to enumerate internal Active Directory usernames and group names, and alter back-end server jobs backup and synchronization jobs, which could...
CVE-2019-6716
An unauthenticated Insecure Direct Object Reference IDOR in Wicket Core in LogonBox Nervepoint Access Manager 2013 through 2017 allows a remote attacker to enumerate internal Active Directory usernames and group names, and alter back-end server jobs backup and synchronization jobs, which could...