Vulnerability CVE-2021-43939


Published: 2022-04-28

Description:
Elcomplus SmartPTT is vulnerable when a low-authenticated user can access higher level administration authorization by issuing requests directly to the desired endpoints.

Type:

CWE-285

(Improper Authorization)

 References:
https://www.cisa.gov/uscert/ics/advisories/icsa-22-109-04

Copyright 2022, cxsecurity.com

 

Back to Top