CVE-2020-13422

Published April 6th, 2021

View on NVD ↗

CVSS v3

8.1

HIGH

CVSS v2

5.5

MEDIUM

Affected

1

PROJECT

Description

OpenIAM before 4.2.0.3 does not verify if a user has permissions to perform /webconsole/rest/api/* administrative actions.

Accenture/AARO-Bugs

Vulnerabilities, exploits, and PoCs

GitHub

40