PT-2022-10754 · Softvibe · Softvibe Saraban For Infoma
Published
2022-01-18
·
Updated
2024-02-14
·
CVE-2021-38696
CVSS v3.1
7.5
High
| Vector | AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N |
Name of the Vulnerable Software and Affected Versions
SoftVibe SARABAN for INFOMA version 1.1
Description
The issue allows attackers to access signature files on the application without any authentication due to incorrect access control.
Recommendations
For SoftVibe SARABAN for INFOMA version 1.1, consider restricting access to the signature files until a proper authentication mechanism is implemented to prevent unauthorized access. At the moment, there is no information about a newer version that contains a fix for this vulnerability.
Exploit
Found an issue in the description? Have something to add? Feel free to write us 👾
Related Identifiers
Affected Products
Softvibe Saraban For Infoma