Show filters
1 Total Results
Displaying 1-1 of 1
Sort by:
Attacker Value
Unknown

CVE-2023-25780

Disclosure Date: May 30, 2023 (last updated October 08, 2023)
It is identified a vulnerability of insufficient authentication in an important specific function of Status PowerBPM. A LAN attacker with normal user privilege can exploit this vulnerability to modify substitute agent to arbitrary users, resulting in serious consequence.
Attack Vector: Adjacent NetworkPrivileges: LowUser Interaction: None
1
0