i-doit pro 25 and below and I-doit open 25 and below are configured with insecure default administrator credentials, and there is no warning or prompt to ask users to change the default password and account name. Unauthenticated attackers can exploit this vulnerability to obtain Administrator privileges, resulting in them being able to perform arbitrary system operations or cause a Denial of Service (DoS).
oryginał ENCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:HI Doit
APPI-Doit≤ 25
Powiązane podatności
I-doit pro 25 and below and I-doit open 25 and below employ weak password requirements for Administrator accou...
Synetics GmbH I-doit 1.12 and earlier is affected by: SQL Injection. The impact is: Unauthenticated mysql data...
i-doit CMDB 1.12 contains an arbitrary file download vulnerability that allows authenticated attackers to down...
i-doit CMDB 1.12 contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbi...
SQL injection vulnerability in idoit pro version 28. This vulnerability could allow an attacker to send a spec...