PT-2014-3088 · Ibm · Algo Security Access Control Management+3

Publicado

2014-03-05

Atualizado

2017-08-29

CVE-2013-6319

CVSS v2.0

4.0

Média

Vetor

AV:N/AC:L/Au:S/C:N/I:P/A:N

Name of the Vulnerable Software and Affected Versions IBM Algo One versions 4.7.0 through 5.0.0 ACSWeb in Algo Security Access Control Management versions 4.7.0 through 4.9.0 ACSWeb in AlgoWebApps version 5.0.0

Description The issue allows remote authenticated users to bypass intended access restrictions and read content.

Recommendations For IBM Algo One versions 4.7.0 through 5.0.0, update to a version that addresses the access restriction bypass issue. For ACSWeb in Algo Security Access Control Management versions 4.7.0 through 4.9.0, update to a version that addresses the access restriction bypass issue. For ACSWeb in AlgoWebApps version 5.0.0, update to a version that addresses the access restriction bypass issue.

Correção

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-264

Identificadores relacionados

CVE-2013-6319

Produtos afetados

Acsweb

Algo Security Access Control Management

Algowebapps

Ibm Algo One

PT-2014-3088 · Ibm · Algo Security Access Control Management+3

CVE-2013-6319

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 3