Vulnerabilities > Annexcloud

DATE	CVE	VULNERABILITY TITLE	RISK
2021-06-10	CVE-2021-31927	Authorization Bypass Through User-Controlled Key vulnerability in Annexcloud Loyalty Experience Platform An Insecure Direct Object Reference (IDOR) vulnerability in Annex Cloud Loyalty Experience Platform <2021.1.0.1 allows any authenticated attacker to modify any existing user, including users assigned to different environments and clients. network low complexity annexcloud CWE-639	4.0
2021-06-10	CVE-2021-31928	Unspecified vulnerability in Annexcloud Loyalty Experience Platform Annex Cloud Loyalty Experience Platform <2021.1.0.1 allows any authenticated attacker to escalate privileges to superadministrator. network low complexity annexcloud critical	9.0
2021-06-10	CVE-2021-31929	Incorrect Permission Assignment for Critical Resource vulnerability in Annexcloud Loyalty Experience Platform Annex Cloud Loyalty Experience Platform <2021.1.0.1 allows any authenticated attacker to modify loyalty campaigns and settings, such as fraud prevention, coupon groups, email templates, or referrals. network low complexity annexcloud CWE-732	4.0

Vulnerabilities > Annexcloud {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Annexcloud"}]}