RSS   Podatności dla 'Iportalis control portal'   RSS

2021-09-01
 
CVE-2020-9000

CWE-400
 

 
An issue was discovered in iPortalis iCS 7.1.13.0. Attackers can send a sequence of requests to rapidly cause .NET Input Validation errors. This increases the size of the log file on the remote server until memory is exhausted, therefore consuming the maximum amount of resources (triggering a denial of service condition).

 
 
CVE-2020-9002

CWE-20
 

 
An issue was discovered in iPortalis iCS 7.1.13.0. An attacker can gain privileges by intercepting a request and changing UserRoleKey=COMPANY_ADMIN to UserRoleKey=DOMAIN_ADMIN (to achieve Domain Administrator access).

 


Copyright 2024, cxsecurity.com

 

Back to Top