CWE-1242: Inclusion of Undocumented Features
The vulnerability consists of the presence in the product of hidden or undocumented functions that were not disclosed to users or administrators. An attacker can discover and exploit such functions to perform unauthorized actions. A network attack vector (AV:N) without authentication requirement (PR:N) and user interaction (UI:N) means that exploitation can be conducted remotely over the network.
An attacker may gain full control over the confidentiality, integrity, and availability of the system, corresponding to the highest scores in all three CVSS categories. The impact includes potential unauthorized access to data, its modification, and disruption of service operations.
Patches available from the vendor should be applied according to the references. Detailed information is available on the Israeli government advisory service at the address indicated in the CVE references
Versions indicated in the vendor references — specific products and versions have not been specified in the available CVE description
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H