Vulnerabilities > CVE-2017-15680 - Missing Authorization vulnerability in Craftercms Crafter CMS 3.0.0

047910
CVSS 6.4 - MEDIUM
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
PARTIAL
Integrity impact
PARTIAL
Availability impact
NONE
network
low complexity
craftercms
CWE-862

Summary

In Crafter CMS Crafter Studio 3.0.1 an IDOR vulnerability exists which allows unauthenticated attackers to view and modify administrative data.

Vulnerable Configurations

Part Description Count
Application
Craftercms
1

Common Weakness Enumeration (CWE)