2 matches found
CVE-2020-9000
CVE-2020-9000 affects iPortalis iCS 7.1.13.0. The issue arises from .NET input validation that allows an attacker to send a sequence of requests to rapidly enlarge the remote server’s log file, causing memory exhaustion and a denial-of-service condition. The Real-world exposure is network-accessi...
CVE-2020-9002
CVE-2020-9002 affects iPortalis iCS 7.1.13.0. An attacker can escalate privileges by intercepting a request and changing UserRoleKey=COMPANY_ADMIN to DOMAIN_ADMIN, granting Domain Administrator access. Details across sources consistently describe a privilege escalation via improper validation of ...