CVE-2021-38618 - Unspecified vulnerability in Gfos Workforce Management 4.8.272.1
Attack vector: NETWORK
Attack complexity: MEDIUM
Privileges required: NONE
Confidentiality impact: PARTIAL
Integrity impact: PARTIAL
Availability impact: PARTIAL
network
gfos
Summary
In GFOS Workforce Management 4.8.272.1, the login page of the application is prone to authentication bypass, allowing anyone (who knows a user's credentials except the password) to get access to an account. This occurs because of JSESSIONID mismanagement.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | | 1 |