PT-2022-9922 · Unknown · Northstar Club Management

Alexandre Larocque

Published

2022-02-04

Updated

2022-07-12

CVE-2021-29396

CVSS v3.1

9.8

Critical

Vector

AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions NorthStar Club Management version 6.3

Description The issue allows remote unauthenticated users to use various functionalities without authentication due to systemic insecure permissions.

Recommendations For NorthStar Club Management version 6.3, update the system to enforce proper authentication mechanisms for all functionalities to prevent unauthorized access.

Fix

Incorrect Permission

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-732

Related Identifiers

CVE-2021-29396

Affected Products

Northstar Club Management

PT-2022-9922 · Unknown · Northstar Club Management

CVE-2021-29396

Weakness Enumeration

Related Identifiers

Affected Products

References · 5