CVE-2020-12875

MEDIUM

6.3

Descricao

Veritas APTARE versions prior to 10.4 did not perform adequate authorization checks. An authenticated user could gain unauthorized access to sensitive information or functionality by manipulating specific parameters within the application.

Detalhes CVE

Pontuacao CVSS v3.16.3

SeveridadeMEDIUM

Vetor CVSSCVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L

Vetor de ataqueNETWORK

ComplexidadeLOW

Privilegios necessariosLOW

Interacao do usuarioNONE

Publicado5/14/2020

Ultima modificacao11/21/2024

Fontenvd

Avistamentos honeypot0

Produtos afetados

veritas:aptare

Fraquezas (CWE)

CWE-863

Referencias

https://www.veritas.com/content/support/en_US/security/VTS20-003(cve@mitre.org)

https://www.veritas.com/content/support/en_US/security/VTS20-003(af854a3a-2127-422b-91ae-364da2661108)

Correlacoes IOC

Sem correlacoes registradas

This product uses data from the NVD API but is not endorsed or certified by the NVD.