aEnrich eHRD Learning Management Key Performance Indicator System 5+ has Improper Access Control. The web application does not validate user session when accessing many application pages. This can allow an attacker to gain unauthenticated access to sensitive functionalities in the application
References
Link | Resource |
---|---|
https://github.com/mandiant/Vulnerability-Disclosures/blob/master/2022/MNDT-2022-0036/MNDT-2022-0036.md | Third Party Advisory |
https://www.aenrich.com.tw | Vendor Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: mitre
Published: 2022-09-09T15:54:37
Updated: 2022-09-09T15:54:37
Reserved: 2022-04-06T00:00:00
Link: CVE-2022-28742
JSON object: View
NVD Information
Status : Analyzed
Published: 2022-09-09T16:15:08.870
Modified: 2022-09-14T18:27:26.360
Link: CVE-2022-28742
JSON object: View
Redhat Information
No data.
CWE