Incorrect Access Control in Web Applications operating on Business-DNA Solutions GmbH’s TopEase® Platform Version <= 7.1.27 allows an authenticated remote attacker to view the Shape Editor and Settings, which are functionality for higher privileged users, via identifying said components in the front-end source code or other means.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: NCSC.ch
Published: 2021-11-30T11:28:08
Updated: 2024-08-04T03:22:25.987Z
Reserved: 2021-10-08T00:00:00
Link: CVE-2021-42116
Vulnrichment
No data.
NVD
Status : Modified
Published: 2021-11-30T12:15:07.703
Modified: 2024-11-21T06:27:17.663
Link: CVE-2021-42116
Redhat
No data.