An Insecure Direct Object Reference (IDOR) vulnerability in the Change Password feature of Subex ROC Partner Settlement 10.5 allows remote authenticated users to achieve account takeover via manipulation of POST parameters. NOTE: This vulnerability may only affect a testing version of the application
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: mitre
Published: 2020-04-14T19:52:19
Updated: 2024-08-04T10:26:16.061Z
Reserved: 2020-02-24T00:00:00
Link: CVE-2020-9384
Vulnrichment
Updated: 2024-08-04T10:26:16.061Z
NVD
Status : Modified
Published: 2020-04-14T20:15:15.623
Modified: 2024-11-21T05:40:31.860
Link: CVE-2020-9384
Redhat
No data.