CVE-2015-1498

Name of the Vulnerable Software and Affected Versions Persistent Systems Radia Client Automation (affected versions not specified)

Description The issue is related to insufficient access restrictions in certain requests, allowing remote attackers to enumerate user accounts via a "getUsers" request, assign or remove roles from user accounts via "addAssigneesToRole" and "removeAssigneesFromRole" requests, respectively. This could lead to unspecified further impact. No information is provided about the estimated number of potentially affected devices or real-world incidents.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.