Vulnerabilities > CVE-2021-44794 - Missing Authorization vulnerability in Krontech Single Connect
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
LOW Integrity impact
NONE Availability impact
NONE Summary
Single Connect does not perform an authorization check when using the "sc-diagnostic-ui" module. A remote attacker could exploit this vulnerability to access the device information page. The exploitation of this vulnerability might allow a remote attacker to obtain sensitive information.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 1 |