ГлавнаяУязвимости → CVE-2023-49233
8.8высокая

CVE-2023-49233

Описание

Insufficient access checks in Visual Planning Admin Center 8 before v.1 Build 240207 allow attackers in possession of a non-administrative Visual Planning account to utilize functions normally reserved for administrators. The affected functions allow attackers to obtain different types of configured credentials and potentially elevate their privileges to administrator level.

CVSS
Балл8.8 — высокая
ВекторCVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Источники
https://www.schutzwerk.com/blog/schutzwerk-sa-2023-005/https://www.visual-planning.com/en/support-portal/updates