CVE-2021-3380

EUVD-2021-26710
Insecure direct object reference (IDOR) vulnerability in ICREM H8 SSRMS allows attackers to disclose sensitive information via the Print Invoice Functionality.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
6.5 MEDIUM
NETWORK
LOW
LOW
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
Base Score
CVSS 3.x
EPSS Score
Percentile: 45%
Affected Products (NVD)
VendorProductVersion
height8techh8_ssrms
-
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://height8.com
http://icrem.com
http://www.height8tech.com/carrier-grade-OSS-BSS.php
https://www.exploit-db.com/exploits/49508
http://height8.com
http://icrem.com
http://www.height8tech.com/carrier-grade-OSS-BSS.php
https://www.exploit-db.com/exploits/49508