Vulnerabilities > CVE-2021-25991 - Unspecified vulnerability in If-Me Ifme

047910
CVSS 7.3 - HIGH
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
LOW
Confidentiality impact
NONE
Integrity impact
HIGH
Availability impact
HIGH
network
low complexity
if-me
NVD
Published: 2021-12-29
Updated: 2022-01-10

Summary

In Ifme, versions v5.0.0 to v7.32 are vulnerable against an improper access control, which makes it possible for admins to ban themselves leading to their deactivation from Ifme account and complete loss of admin access to Ifme.

Vulnerable Configurations

Part Description Count
Application
If-Me
172

References