Agentflow BPM enterprise management system has improper authentication. A remote attacker with general user privilege can change the name of the user account to acquire arbitrary account privilege, and access, manipulate system or disrupt service.
References
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: twcert
Published: 2022-11-10T00:00:00
Updated: 2022-11-10T00:00:00
Reserved: 2022-08-30T00:00:00
Link: CVE-2022-39038
JSON object: View
NVD Information
Status : Analyzed
Published: 2022-11-10T15:15:14.647
Modified: 2022-11-15T17:56:16.600
Link: CVE-2022-39038
JSON object: View
Redhat Information
No data.
CWE