9 matches found
CVE-2020-9384
An Insecure Direct Object Reference IDOR vulnerability in the Change Password feature of Subex ROC Partner Settlement 10.5 allows remote authenticated users to achieve account takeover via manipulation of POST parameters. NOTE: This vulnerability may only affect a testing version of the applicati...
Subex ROC Partner Settlement Insecure Direct Object Reference (IDOR) Vulnerability
Subex ROC Partner Settlement is a scalable partner management platform from Subex India. The platform supports features such as billing and revenue management. A security vulnerability exists in the Change Password feature in Subex ROC Partner Settlement version 10.5. The vulnerability can be...
CVE-2020-9384
An Insecure Direct Object Reference IDOR vulnerability in the Change Password feature of Subex ROC Partner Settlement 10.5 allows remote authenticated users to achieve account takeover via manipulation of POST parameters. NOTE: This vulnerability may only affect a testing version of the applicati...
CVE-2020-9384
An Insecure Direct Object Reference IDOR vulnerability in the Change Password feature of Subex ROC Partner Settlement 10.5 allows remote authenticated users to achieve account takeover via manipulation of POST parameters. NOTE: This vulnerability may only affect a testing version of the applicati...
Design/Logic Flaw
An Insecure Direct Object Reference IDOR vulnerability in the Change Password feature of Subex ROC Partner Settlement 10.5 allows remote authenticated users to achieve account takeover via manipulation of POST parameters. NOTE: This vulnerability may only affect a testing version of the applicati...
CVE-2020-9384
An Insecure Direct Object Reference IDOR vulnerability in the Change Password feature of Subex ROC Partner Settlement 10.5 allows remote authenticated users to achieve account takeover via manipulation of POST parameters. NOTE: This vulnerability may only affect a testing version of the applicati...
CVE-2020-9384
An Insecure Direct Object Reference IDOR vulnerability in the Change Password feature of Subex ROC Partner Settlement 10.5 allows remote authenticated users to achieve account takeover via manipulation of POST parameters. NOTE: This vulnerability may only affect a testing version of the applicati...
CVE-2020-9384
The entries describe an Insecure Direct Object Reference (IDOR) in Subex ROC Partner Settlement 10.5 Change Password. Affected component: Change Password feature; root cause: manipulation of POST parameters enabling account takeover by remote authenticated users. Impact: account compromise report...
Subex ROC Partner Settlement 10.5 Insecure Direct Object Reference
=========================================================================================================== Subex ROC Partner Settlement 10.5 - Authenticated IDOR in change password function lead to account takeover...