Vulnerability CVE-2021-43939
Published: 2022-04-28

Description:
Elcomplus SmartPTT is vulnerable when a low-authenticated user can access higher level administration authorization by issuing requests directly to the desired endpoints.

Type:

CWE-285

 (Improper Authorization)

 References:
https://www.cisa.gov/uscert/ics/advisories/icsa-22-109-04
Copyright 2024, cxsecurity.com

 

Back to Top