ARC Informatique PcVue prior to version 12.0.17 is vulnerable to a denial-of-service attack due to the ability of an unauthorized user to modify information used to validate messages sent by legitimate web clients. This issue also affects third-party systems based on the Web Services Toolkit.
oryginał ENCVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:HPcvuesolutions Pcvue
APPPcvuesolutions8.10 – 12.0.17 (bez)
🔵
ZWERYFIKUJ U PRODUCENTA
Brak jednoznacznych danych o patchu. Sprawdź referencje od producenta.
Referencje
Powiązane podatności
CVE-2020-26867CRITICAL9.8ten sam produkt
ARC Informatique PcVue prior to version 12.0.17 is vulnerable due to the deserialization of untrusted data, wh...
CVE-2020-26869HIGH7.5ten sam produkt
ARC Informatique PcVue prior to version 12.0.17 is vulnerable to information exposure, allowing unauthorized u...