Vulnerabilities > CVE-2021-20778 - Unspecified vulnerability in Ec-Cube 4.0.6

047910
CVSS 7.5 - HIGH
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
HIGH
Integrity impact
NONE
Availability impact
NONE
network
low complexity
ec-cube

Summary

Improper access control vulnerability in EC-CUBE 4.0.6 (EC-CUBE 4 series) allows a remote attacker to bypass access restriction and obtain sensitive information via unspecified vectors.

Vulnerable Configurations

Part Description Count
Application
Ec-Cube
1