Vulnerabilities > CVE-2017-15680 - Missing Authorization vulnerability in Craftercms Crafter CMS 3.0.0

047910
CVSS 6.5 - MEDIUM
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
LOW
Integrity impact
LOW
Availability impact
NONE
network
low complexity
craftercms
CWE-862
NVD
Published: 2020-11-27
Updated: 2020-11-28

Summary

In Crafter CMS Crafter Studio 3.0.1 an IDOR vulnerability exists which allows unauthenticated attackers to view and modify administrative data.

Vulnerable Configurations

Part Description Count
Application
Craftercms
1

Common Weakness Enumeration (CWE)

References