Vulnerabilities > Openiam > Critical

DATE CVE VULNERABILITY TITLE RISK
2021-04-06 CVE-2020-13421 Unspecified vulnerability in Openiam
OpenIAM before 4.2.0.3 has Incorrect Access Control for the Create User, Modify User Permissions, and Password Reset actions.
network
low complexity
openiam
critical
 9.8
9.8
2021-04-06 CVE-2020-13420 Unspecified vulnerability in Openiam
OpenIAM before 4.2.0.3 allows remote attackers to execute arbitrary code via Groovy Script.
network
low complexity
openiam
critical
 9.8
9.8