CVE-2019-15747

EUVD-2019-6682
SITOS six Build v6.2.1 allows a user with the user role of Seminar Coordinator to escalate their permission to the Systemadministrator role due to insufficient checks on the server side.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
8.8 HIGH
NETWORK
LOW
LOW
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Base Score
CVSS 3.x
EPSS Score
Percentile: 51%
Affected Products (NVD)
VendorProductVersion
sitossitos_six
6.2.1
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
https://www.contextis.com/en/resources/advisories/cve-2019-15747
https://www.contextis.com/en/resources/advisories/cve-2019-15747