PT-2019-8923 · None · Easyappointments

Published

2019-10-29

Updated

2020-03-18

CVE-2018-13063

CVSS v3.1

7.5

High

Vector

AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Name of the Vulnerable Software and Affected Versions Easy!Appointments version 1.3.0

Description The issue allows for the retrieval of hashed passwords and salts due to a Missing Authorization problem.

Recommendations For Easy!Appointments version 1.3.0, update to a version that addresses the Missing Authorization issue to prevent the retrieval of hashed passwords and salts.

Exploit

Fix

Missing Authorization

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-862

Related Identifiers

CVE-2018-13063

Affected Products

Easyappointments

PT-2019-8923 · None · Easyappointments

CVE-2018-13063

Weakness Enumeration

Related Identifiers

Affected Products

References · 7