PT-2017-10714 · Atutorspaces · Atutor

Published

2017-07-13

Updated

2019-10-03

CVE-2017-1000003

CVSS v3.1

9.8

Critical

Vector

AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions ATutor versions 2.2.1 and earlier

Description The issue is related to an incorrect access control check vulnerability, which results in privilege escalation. This vulnerability is present in multiple components, including the Social Application, Module, and Alternative Content components.

Recommendations For ATutor versions 2.2.1 and earlier, update to a version that includes the necessary access control checks to prevent privilege escalation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Improper Privilege Management

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-269

Related Identifiers

CVE-2017-1000003

Affected Products

Atutor

PT-2017-10714 · Atutorspaces · Atutor

CVE-2017-1000003

Weakness Enumeration

Related Identifiers

Affected Products

References · 6