EIC e-document system does not perform completed identity verification for sorting and filtering personnel data. The vulnerability allows remote attacker to obtain users’ credential information without logging in the system, and further acquire the privileged permissions and execute arbitrary commends.
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: twcert

Published: 2021-03-17T09:10:31.510444Z

Updated: 2024-09-16T16:12:43.224Z

Reserved: 2021-01-06T00:00:00

Link: CVE-2021-22860

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2021-03-17T09:15:12.670

Modified: 2024-11-21T05:50:46.997

Link: CVE-2021-22860

cve-icon Redhat

No data.