6 matches found
CVE-2020-9384
An Insecure Direct Object Reference IDOR vulnerability in the Change Password feature of Subex ROC Partner Settlement 10.5 allows remote authenticated users to achieve account takeover via manipulation of POST parameters. NOTE: This vulnerability may only affect a testing version of the applicati...
CVE-2020-9384
An Insecure Direct Object Reference IDOR vulnerability in the Change Password feature of Subex ROC Partner Settlement 10.5 allows remote authenticated users to achieve account takeover via manipulation of POST parameters. NOTE: This vulnerability may only affect a testing version of the applicati...
Design/Logic Flaw
An Insecure Direct Object Reference IDOR vulnerability in the Change Password feature of Subex ROC Partner Settlement 10.5 allows remote authenticated users to achieve account takeover via manipulation of POST parameters. NOTE: This vulnerability may only affect a testing version of the applicati...
CVE-2020-9384
An Insecure Direct Object Reference IDOR vulnerability in the Change Password feature of Subex ROC Partner Settlement 10.5 allows remote authenticated users to achieve account takeover via manipulation of POST parameters. NOTE: This vulnerability may only affect a testing version of the applicati...
CVE-2020-9384
The entries describe an Insecure Direct Object Reference (IDOR) in Subex ROC Partner Settlement 10.5 Change Password. Affected component: Change Password feature; root cause: manipulation of POST parameters enabling account takeover by remote authenticated users. Impact: account compromise report...
PT-2020-20625 · Subex · Subex Roc Partner Settlement
Name of the Vulnerable Software and Affected Versions: Subex ROC Partner Settlement version 10.5 Description: An Insecure Direct Object Reference IDOR vulnerability in the Change Password feature allows remote authenticated users to achieve account takeover via manipulation of POST parameters. Th...