An Insecure Direct Object Reference vulnerability exists in the web UI of the GateManager which allows an authenticated malicious user to reset the password of any user in its domain or any sub-domain, via escalation of privileges. This issue affects all GateManager versions before 9.2c
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
secomea gatemanager 8250 firmware |
||
secomea gatemanager 4250 firmware |
||
secomea gatemanager 4260 firmware |
||
secomea gatemanager 9250 firmware |