Vulnerabilities > Eigentech

DATE CVE VULNERABILITY TITLE RISK
2021-09-07 CVE-2021-38615 Unspecified vulnerability in Eigentech Natural Language Processing 3.10.1
In Eigen NLP 3.10.1, a lack of access control on the /auth/v1/sso/config/ SSO configuration endpoint allows any logged-in user (guest, standard, or admin) to view and modify information.
network
low complexity
eigentech
5.5
2021-09-07 CVE-2021-38616 Unspecified vulnerability in Eigentech Natural Language Processing 3.10.1
In Eigen NLP 3.10.1, a lack of access control on the /auth/v1/user/{user-guid}/ user edition endpoint could permit any logged-in user to increase their own permissions via a user_permissions array in a PATCH request.
network
low complexity
eigentech
6.5
2021-09-07 CVE-2021-38617 Unspecified vulnerability in Eigentech Natural Language Processing 3.10.1
In Eigen NLP 3.10.1, a lack of access control on the /auth/v1/user/ user creation endpoint allows a standard user to create a super user account with a defined password.
network
low complexity
eigentech
6.5