PT-2021-19602 · Annex Cloud · Annex Cloud Loyalty Experience Platform

Guillermo Alvarez

·

Published

2021-06-10

·

Updated

2022-07-12

·

CVE-2021-31928

CVSS v2.0

9.0

High

VectorAV:N/AC:L/Au:S/C:C/I:C/A:C
Name of the Vulnerable Software and Affected Versions: Annex Cloud Loyalty Experience Platform versions prior to 2021.1.0.2
Description: The issue allows any authenticated attacker to escalate privileges to superadministrator.
Recommendations: For versions prior to 2021.1.0.2, update to version 2021.1.0.2 or later to resolve the issue.

Exploit

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾
dbugs@ptsecurity.com

Related Identifiers

CVE-2021-31928

Affected Products

Annex Cloud Loyalty Experience Platform