PT-2014-4640 · Amtelco · Misecuremessages
Jared Bird
·
Publicado
2014-05-06
·
Atualizado
2014-05-06
·
CVE-2014-2347
CVSS v2.0
7.0
Alta
| Vetor | AV:N/AC:M/Au:S/C:C/I:P/A:N |
Name of the Vulnerable Software and Affected Versions
Amtelco miSecureMessages (aka MSM) version 6.2
Description
The issue is related to improper session management, allowing remote authenticated users to obtain sensitive information by sending a modified message request.
Recommendations
For Amtelco miSecureMessages (aka MSM) version 6.2, consider implementing proper session management to prevent unauthorized access to sensitive information. As a temporary workaround, restrict access to sensitive data until a proper fix is applied. At the moment, there is no information about a newer version that contains a fix for this vulnerability.
Exploit
Information Disclosure
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Identificadores relacionados
Produtos afetados
Misecuremessages