CVE-2015-10033

Published: Jan 9, 2023Modified: Nov 21, 2024

6.5

Vector

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:H

Exploitability: 1.2 / Impact: 5.2

Source: NVD

Description

A vulnerability, which was classified as problematic, was found in jvvlee MerlinsBoard. This affects an unknown part of the component Grade Handler. The manipulation leads to improper authorization. The identifier of the patch is 134f5481e2914b7f096cd92a22b1e6bcb8e6dfe5. It is recommended to apply a patch to fix this issue. The identifier VDB-217713 was assigned to this vulnerability.

Affected (1)

Products: Merlinsboard Project: Merlinsboard

Merlinsboard Project

1 product

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Merlinsboard Project Merlinsboard	Before 2015-03-19

Related CWEs

Improper Authorization

The product does not perform or incorrectly performs an authorization check when an actor attempts to access a resource or perform an action.

Incorrect Authorization

The product performs an authorization check when an actor attempts to access a resource or perform an action, but it does not correctly perform the check. This allows attackers to bypass intended access restrictions.

References (6)

https://github.com/jvvlee/MerlinsBoard/commit/134f5481e2914b7f096cd92a22b1e6bcb8e6dfe5

Source: cna@vuldb.com

PatchThird Party Advisory

https://vuldb.com/?ctiid.217713

Source: cna@vuldb.com

Third Party Advisory

https://vuldb.com/?id.217713

Source: cna@vuldb.com

Third Party Advisory

https://github.com/jvvlee/MerlinsBoard/commit/134f5481e2914b7f096cd92a22b1e6bcb8e6dfe5

Source: af854a3a-2127-422b-91ae-364da2661108

PatchThird Party Advisory

https://vuldb.com/?ctiid.217713

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party Advisory

https://vuldb.com/?id.217713

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party Advisory

Timeline

No history available yet.