An authentication bypass vulnerability i... CVE-2019-19127

- AV AC AU C I A
发布: 2020-03-25
修订: 2020-03-26

An authentication bypass vulnerability is present in the stand-alone SITS:Vision component of Tribal SITS in its default configuration, related to unencrypted communications sent by the client each time it is launched. This vulnerability allows unauthenticated attackers to gain access to credentials or execute arbitrary SQL queries on the SITS backend as long as they have access to the client executable or can intercept traffic from a user who does. Version 9.7.0 is affected.

0%
暂无可用Exp或PoC
产品及版本信息(CPE)暂不可用