Privilege escalation vulnerability in Liferay Portal 7.0.3 through 7.3.4, and Liferay DXP 7.1 before fix pack 20, and 7.2 before fix pack 9 allows remote authenticated users with permission to update/edit users to take over a company administrator user account by editing the company administrator user.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: mitre
Published: 2021-08-03T21:03:38
Updated: 2024-08-03T23:50:42.962Z
Reserved: 2021-05-20T00:00:00
Link: CVE-2021-33335
Vulnrichment
No data.
NVD
Status : Analyzed
Published: 2021-08-03T22:15:09.137
Modified: 2022-07-12T17:42:04.277
Link: CVE-2021-33335
Redhat
No data.