Vulnerabilities > CVE-2020-19005 - Incorrect Authorization vulnerability in Zrlog 2.1.0
Attack vector
NETWORK Attack complexity
MEDIUM Privileges required
SINGLE Confidentiality impact
PARTIAL Integrity impact
NONE Availability impact
NONE Summary
zrlog v2.1.0 has a vulnerability with the permission check. If admin account is logged in, other unauthorized users can download the database backup file directly.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| Application | 1 |