Persistent Systems Radia Client Automation does not properly restrict access to certain request, which allows remote malicious users to (1) enumerate user accounts via a getUsers request, (2) assign a role to a user account via an addAssigneesToRole request, (3) remove a role from a user account via a removeAssigneesFromRole request, or (4) have other unspecified impact.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
persistent systems radia client automation - |