2 matches found
CVE-2021-40067
CVE-2021-40067 affects NetMotion Mobility. The Mobility Read/Write API’s access controls fail to validate permissions; the API is disabled by default, but if manually enabled, an attacker with network access and valid credentials can read/write data regardless of access control settings. Impact p...
CVE-2021-40066
CVE-2021-40066 affects Mobility's read-only API. The root cause is improper validation of user access permissions in the API, allowing attackers with network access and valid credentials to read data from the API irrespective of access control group membership. Impact is data exposure via the rea...