CVE-2021-36207

Name of the Vulnerable Software and Affected Versions Metasys ADS/ADX/OAS servers versions 10 and 11

Description The issue is related to improper privilege management in the servers, which could allow an authenticated user to elevate their privileges to administrator under certain circumstances. This could potentially be exploited by a remote attacker to gain administrator-level access.

Recommendations For versions 10 and 11, consider restricting access to sensitive areas of the server until a proper fix is applied, focusing on limiting the capabilities of authenticated users to prevent privilege escalation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.