PT-2021-24233 · Glewlwyd · Glewlwyd

Published

2021-12-30

Updated

2022-07-12

CVE-2021-45379

CVSS v3.1

8.8

High

Vector

AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions: Glewlwyd versions 2.0.0 through 2.6.0

Description: The issue is related to incorrect access control, allowing one user to attempt to log in as another user without the need for the other user's password.

Recommendations: For Glewlwyd versions 2.0.0 through 2.6.0, update to version 2.6.1 to resolve the issue.

Fix

Improper Authentication

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-287

Related Identifiers

CVE-2021-45379

Affected Products

Glewlwyd

PT-2021-24233 · Glewlwyd · Glewlwyd

CVE-2021-45379

Weakness Enumeration

Related Identifiers

Affected Products

References · 10