Vulnerabilities > CVE-2020-13462 - Authorization Bypass Through User-Controlled Key vulnerability in Tufin Securetrack 18.1

047910
CVSS 5.7 - MEDIUM
Attack vector
ADJACENT_NETWORK
Attack complexity
LOW
Privileges required
LOW
Confidentiality impact
HIGH
Integrity impact
NONE
Availability impact
NONE
low complexity
tufin
CWE-639
NVD
Published: 2021-02-09
Updated: 2021-07-21

Summary

Insecure Direct Object Reference (IDOR) exists in Tufin SecureChange, affecting all versions prior to R20-2 GA. Fixed in version R20-2 GA.

Vulnerable Configurations

Part Description Count
Application
Tufin
2

Common Weakness Enumeration (CWE)

References