CVE-2018-1483309.07.2019, 13:15Intuit Lacerte 2017 has Incorrect Access Control.EnginsightProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVectorNISTNIST5.9 MEDIUMNETWORKHIGHNONECVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:NmitreCNA------CVEADP------Base ScoreCVSS 3.xEPSS ScorePercentile: 58%VendorProductVersionintuitlacerte𝑥≤ 2017𝑥= Vulnerable software versionsKnown Exploits!https://www.themikewylie.com/intuit-lacerte-vulnerability-and-data-exposure-cve-2018-11338-cve-2018-14833/https://www.themikewylie.com/intuit-lacerte-vulnerability-and-data-exposure-cve-2018-11338-cve-2018-14833/Common Weakness EnumerationCWE-284 - Improper Access ControlThe software does not restrict or incorrectly restricts access to a resource from an unauthorized actor.Referenceshttps://themikewylie.com/2019/05/21/intuit-lacerte-vulnerability-and-data-exposure-cve-2018-11338-cve-2018-14833/https://www.themikewylie.com/intuit-lacerte-vulnerability-and-data-exposure-cve-2018-11338-cve-2018-14833/https://themikewylie.com/2019/05/21/intuit-lacerte-vulnerability-and-data-exposure-cve-2018-11338-cve-2018-14833/https://www.themikewylie.com/intuit-lacerte-vulnerability-and-data-exposure-cve-2018-11338-cve-2018-14833/