Overview
- Description
- The Web interface of Evolution Controller Versions 2.04.560.31.03.2024 and below uses poor session management, allowing for an unauthenticated attacker to access administrator functionality if any other user is already signed in.
- Source
- 430a6cef-dc26-47e3-9fa8-52fb7f19644e
- NVD status
- Awaiting Analysis
Risk scores
CVSS 3.1
- Type
- Secondary
- Base score
- 8.8
- Impact score
- 5.9
- Exploitability score
- 2.8
- Vector string
- CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
- Severity
- HIGH
Weaknesses
- 430a6cef-dc26-47e3-9fa8-52fb7f19644e
- CWE-1390
Social media
- Hype score
- Not currently trending