Agentflow BPM enterprise management system has improper authentication. A remote attacker with general user privilege can change the name of the user account to acquire arbitrary account privilege, and access, manipulate system or disrupt service.
References
Configurations
History
No history.
Information
Published : 2022-11-10 15:15
Updated : 2024-02-28 19:29
NVD link : CVE-2022-39038
Mitre link : CVE-2022-39038
CVE.ORG link : CVE-2022-39038
JSON object : View
Products Affected
flowring
- agentflow
CWE
CWE-287
Improper Authentication