Vulnerabilities > CVE-2012-3821 - Incorrect Authorization vulnerability in Arialsoftware Campaign Enterprise
Attack vector
NETWORK Attack complexity
LOW Privileges required
LOW Confidentiality impact
NONE Integrity impact
LOW Availability impact
NONE Summary
A Security Bypass vulnerability exists in the activate.asp page in Arial Software Campaign Enterprise 11.0.551, which could let a remote malicious user modify the SerialNumber field.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| Application | 1 |
Common Weakness Enumeration (CWE)
References
- http://sadgeeksinsnow.blogspot.dk/2012/10/my-first-experiences-bug-hunting-part-2.html
- https://www.securityfocus.com/archive/1/524462
- https://www.securityfocus.com/bid/56117/info
- http://archives.neohapsis.com/archives/bugtraq/2012-10/0103.html
- https://exchange.xforce.ibmcloud.com/vulnerabilities/79508