← back
CVE-2017-16630

CVE-2017-16630

EPSS 0.9%
In SapphireIMS 4097_1, a guest user can create a local administrator account on any system that has SapphireIMS installed, because of an Insecure Direct Object Reference (IDOR) in the local user creation function.
Affected products
n/a · n/a

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://vuln.shellcoder.party/2020/07/18/cve-2017-16630-sapphireims-idor-based-privilege-elevation/https://vuln.shellcoder.party/tags/sapphireims/