monarch_scan.cgi in the MONARCH component in GroundWork Monitor Enterprise 6.7.0 allows remote authenticated users to execute arbitrary commands, and consequently obtain sensitive information, by leveraging a JOSSO SSO cookie.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
gwos groundwork monitor 6.7.0 |