PT-2018-16897 · Zuuse · Zuuse Beims Contractorweb
Published: 2018-01-15 · Updated: 2019-10-03 · CVE-2018-5328
CVSS v3.1: 9.8 (Critical)
Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions
ZUUSE BEIMS ContractorWeb .NET version 5.18.0.0
Description
The issue allows access to various privileged modules, such as "UserManagement", without properly authenticating the user. This can be exploited by an attacker to perform unauthorized actions, for example, by accessing the "Edit User Details" functionality.
Recommendations
For version 5.18.0.0, consider restricting access to the /UserManagement/ module until a proper authentication mechanism is implemented to prevent unauthorized actions. As a temporary workaround, restrict access to the "Edit User Details" functionality to minimize the risk of exploitation.
Weakness Enumeration
Improper Authentication
Affected Products
Zuuse Beims Contractorweb