PT-2022-10058 · Secomea · Secomea Gatemanager

Schlumberger

Published

2022-03-07

Updated

2022-03-16

CVE-2021-32006

CVSS v3.1

5.0

Medium

Vector

AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N

Name of the Vulnerable Software and Affected Versions Secomea GateManager versions prior to 9.6.621421014

Description The issue is related to permission problems in the LinkManager web portal of Secomea GateManager, allowing a logged-in LinkManager user to access stored SiteManager backup files.

Recommendations For versions prior to 9.6.621421014, update to version 9.6.621421014 or later to resolve the issue. As a temporary workaround, consider restricting access to the LinkManager web portal to minimize the risk of exploitation.

Fix

Incorrect Default Permissions

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-275CWE-276CWE-274

Related Identifiers

CVE-2021-32006

Affected Products

Secomea Gatemanager

PT-2022-10058 · Secomea · Secomea Gatemanager

CVE-2021-32006

Weakness Enumeration

Related Identifiers

Affected Products

References · 5