Vulnerabilities > CVE-2021-45891 - Incorrect Resource Transfer Between Spheres vulnerability in Zauner ARC 4.2.0.4

047910
CVSS 8.8 - HIGH
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
LOW
Confidentiality impact
HIGH
Integrity impact
HIGH
Availability impact
HIGH
network
low complexity
zauner
CWE-669
NVD
Published: 2022-04-05
Updated: 2022-07-12

Summary

An issue was discovered in Softwarebuero Zauner ARC 4.2.0.4., that allows attackers to escalate privileges within the application, since all permission checks are done client-side, not server-side.

Vulnerable Configurations

Part Description Count
Application
Zauner
1

Common Weakness Enumeration (CWE)

References