RedPacket Security

InfoSec News & Tutorials

Vulnerabilities 

ARA-2020-005: Insecure Direct Object Reference in 1CRM (CVE-2020-15958)

admin , , , , , , , , ,
Click the icon to Follow me:- twitterTelegramRedditDiscord

Posted by Andreas Sperber on Sep 15

# Security Advisory
ARA-2020-005: Insecure Direct Object Reference (CVE-2020-15958)
## Affected Product(s) and Environment(s)
Product: 1CRM <=8.6.7, confirmed for CRBM System ENT-8.6.5, CRBM System
ENT-8.6.6 and Startup+ Edition 8.5.15
Environments: All host environments
## Security Risk
Severity: High
CVSS v3: 8.6
## Impact
Confidentiality: High
Integrity: None
Availability: None
## Exploitability
Access Vector: Network
Access Complexity: Low…

If you like the site, please consider joining the telegram channel or supporting us on Patreon using the button below.

Patreon

Original Source

You May Also Like

osint

Amazons gets FAA’s approval for Drone Delivery Trails

admin
Award

Rapid7 Named a March 2020 Gartner Peer Insights Customers’ Choice for Vulnerability Assessment

admin
osint

Oleg Koshkin was convicted for operating a crypting service also used by Kelihos botnet

admin