CVE-2019-25068

Published: Jun 9, 2022Modified: Nov 21, 2024

8.8

Vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Exploitability: 2.8 / Impact: 5.9

Source: NVD

Description

A vulnerability classified as critical was found in Axios Italia Axios RE 1.7.0/7.0.0. This vulnerability affects unknown code of the file REDefault.aspx of the component Connection Handler. The manipulation of the argument DBIDX leads to privilege escalation. The attack can be initiated remotely.

Affected (2)

Products: Axiositalia: Registro Elettronico

1 product

Registro Elettronico

Configuration A

2 vulnerable

Vulnerable Software	Affected Versions
Axiositalia Registro Elettronico	Version 1.7.0
Axiositalia Registro Elettronico	Version 7.0.0

Related CWEs

Improper Privilege Management

The product does not properly assign, modify, track, or check privileges for an actor, creating an unintended sphere of control for that actor.

References (2)

https://vuldb.com/?id.139528

Source: cna@vuldb.com

Third Party Advisory

https://vuldb.com/?id.139528

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party Advisory

Timeline

No history available yet.