Vulnerabilities > CVE-2020-27183 - Unspecified vulnerability in Konzept-Ix Publixone

CVSS 9.8 - CRITICAL

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

HIGH

Integrity impact

HIGH

Availability impact

HIGH

network

low complexity

konzept-ix

critical

NVD

Published: 2020-10-27

Updated: 2021-07-21

Summary

A RemoteFunctions endpoint with missing access control in konzept-ix publiXone before 2020.015 allows attackers to disclose sensitive user information, send arbitrary e-mails, escalate the privileges of arbitrary user accounts, and have unspecified other impact.

Vulnerable Configurations

Part	Description	Count
Application	Konzept-Ix Konzept IX Publixone *	1

References

https://seclists.org/fulldisclosure/2020/Oct/28
https://sec-consult.com/en/blog/advisories/multiple-vulnerabilities-in-publixone/