Vulnerabilities > CVE-2018-15693 - Incorrect Authorization vulnerability in Inova-Software Inova Partner 5.0.5

047910
CVSS 6.4 - MEDIUM
Attack vector
NETWORK
Attack complexity
HIGH
Privileges required
LOW
Confidentiality impact
HIGH
Integrity impact
LOW
Availability impact
LOW
network
high complexity
inova-software
CWE-863
NVD
Published: 2018-11-16
Updated: 2019-10-03

Summary

Inova Partner 5.0.5-RELEASE, Build 0510-0906 and earlier allows authenticated users authorization bypass via insecure direct object reference.

Vulnerable Configurations

Part Description Count
Application
Inova-Software
2

Common Weakness Enumeration (CWE)

References