go to Content
:::

TWCERT/CC Taiwan Computer Emergency Response Team/Coordination Center

:::
Date:
Font-stze:

EBM Technologies RISWEB - Improper Access Control

TVN ID TVN-202402005
CVE ID CVE-2024-26263
CVSS 5.3 (Medium)
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
Affected Products RISWEB 1.x、2.x
Description EBM Technologies RISWEB's specific URL path is not properly controlled by permission, allowing attackers to browse specific pages and query sensitive data without login.
Solution Update to 3.x or later version.
Credit Security member
Public Date 2024-02-15
Top