An issue was discovered in Echo ShareCare 8.15.5. It does not perform authentication or authorization checks when accessing a subset of sensitive resources, leading to the ability for unauthenticated users to access pages that are vulnerable to attacks such as SQL injection.
References
Link | Resource |
---|---|
https://github.com/atredispartners/advisories/blob/master/ATREDIS-2021-0001.md | Third Party Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: mitre
Published: 2021-07-13T13:57:33
Updated: 2021-07-13T13:57:33
Reserved: 2021-07-02T00:00:00
Link: CVE-2021-36124
JSON object: View
NVD Information
Status : Analyzed
Published: 2021-07-13T14:15:08.940
Modified: 2022-05-03T16:04:40.443
Link: CVE-2021-36124
JSON object: View
Redhat Information
No data.