Vulnerabilities > CVE-2021-38137 - Incorrect Authorization vulnerability in Corero Securewatch Managed Services 9.7.2.0020
Attack vector
NETWORK Attack complexity
LOW Privileges required
SINGLE Confidentiality impact
PARTIAL Integrity impact
PARTIAL Availability impact
NONE Summary
Corero SecureWatch Managed Services 9.7.2.0020 does not correctly check swa-monitor and cns-monitor user’s privileges, allowing a user to perform actions not belonging to his role.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 1 |