← volver
CVE-2020-13963

CVE-2020-13963

EPSS 1.8%
SOPlanning before 1.47 has Incorrect Access Control because certain secret key information, and the related authentication algorithm, is public. The key for admin is hardcoded in the installation code, and there is no key for publicsp (which is a guest account).
Productos afectados
n/a · n/a

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →
Referencias
https://cwe.mitre.org/data/definitions/321.htmlhttps://forum.soplanning.org/viewforum.php?f=8https://labs.integrity.pt/advisories/cve-2020-13963/