CVE-2021-44793

Name of the Vulnerable Software and Affected Versions Single Connect (affected versions not specified)

Description The issue arises from the lack of an authorization check in the sc-reports-ui module, allowing a remote attacker to access the device configuration page and export data to an external file. This could lead to the attacker obtaining sensitive information, including database credentials. Since the database operates with high privileges, the attacker might be able to execute commands using the obtained credentials.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.