CVE-2019-15747

SITOS six Build v6.2.1 allows a user with the user role of Seminar Coordinator to escalate their permission to the Systemadministrator role due to insufficient checks on the server side.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
8.8 HIGH
NETWORK
LOW
LOW
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
mitreCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 52%
VendorProductVersion
sitossitos_six
6.2.1
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
https://www.contextis.com/en/resources/advisories/cve-2019-15747
https://www.contextis.com/en/resources/advisories/cve-2019-15747