RSS   Vulnerabilities for 'Appliance base software'   RSS

2022-01-05
 
CVE-2021-31589

CWE-352
 

 
BeyondTrust Secure Remote Access Base Software through 6.0.1 allows an attacker to achieve full admin access to the appliance, by tricking the administrator into creating a new admin account through an XSS/CSRF attack involving a crafted request to the /appliance/users?action=edit endpoint. This cross-site-scripting (XSS) vulnerability occurs when it does not properly sanitize an unauthenticated crafted web request to the server

 

 >>> Vendor: Beyondtrust 3 Products
Privilege management for windows and mac
Privilege management for windows
Appliance base software


Copyright 2024, cxsecurity.com

 

Back to Top