Vulnerabilities > Vdgsecurity > VDG Sense > 2.3.14
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2015-01-08 | CVE-2014-9575 | Permissions, Privileges, and Access Controls vulnerability in Vdgsecurity VDG Sense 2.3.13/2.3.14 VDG Security SENSE (formerly DIVA) before 2.3.15 allows remote attackers to bypass authentication, and consequently read and modify arbitrary plugin settings, via an encoded : (colon) character in the Authorization HTTP header. | 6.4 |