CVE-2019-13550

Critical

In WebAccess, versions 8.4.1 and prior, an improper authorization vulnerability may allow an attacker to disclose sensitive information,…

icscert·CWE-285·Published 2019-09-18

CVSS

9.8

EPSS

0.03

KEV

Exploits

cve.orgen

245 chars

In WebAccess, versions 8.4.1 and prior, an improper authorization vulnerability may allow an attacker to disclose sensitive information, cause improper control of generation of code, which may allow remote code execution or cause a system crash.

NVDen

245 chars

NVDes

296 chars

En WebAccess, versiones 8.4.1 y anteriores, una vulnerabilidad de autorización inapropiada puede permitir a un atacante revelar información confidencial, causar un control inadecuando de la generación de código, lo que puede permitir la ejecución de código remota o causar un bloqueo del sistema.

CVSS metrics across sources

Version	Type	Source	Base	Exp	Impact	Vector
2.0	Primary	NVD	9.0	10.0	8.5	AV:N/AC:L/Au:N/C:P/I:P/A:C
3.1	Primary	NVD	9.8	3.9	5.9	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H