Moroco

Name of the Vulnerable Software and Affected Versions: Synapse Mobility versions 8.0 through 8.1.1 Description: Synapse Mobility 8.0, 8.0.1, 8.0.2, 8.1, and 8.1.1 contain a privilege escalation vulnerability through external control of Web parameters. If exploited, a user of the product may escalate privileges and access data they are not authorized to view by altering the parameters of the search function. Recommendations: For Synapse Mobility version 8.0, restrict access to the search function parameters. For Synapse Mobility version 8.0.1, restrict access to the search function parameters. For Synapse Mobility version 8.0.2, restrict access to the search function parameters. For Synapse Mobility version 8.1, restrict access to the search function parameters. For Synapse Mobility version 8.1.1, restrict access to the search function parameters.