- Description
- A flaw was found in the RHDM, where an authenticated attacker can change their assigned role in the response header. This flaw allows an attacker to gain admin privileges in the Business Central Console.
- Source
- secalert@redhat.com
- NVD status
- Modified
CVSS 3.1
- Type
- Primary
- Base score
- 8.8
- Impact score
- 5.9
- Exploitability score
- 2.8
- Vector string
- CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
- Severity
- HIGH
- Hype score
- Not currently trending
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:redhat:decision_manager:7.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "68146098-58F8-417E-B165-5182527117C4"
},
{
"criteria": "cpe:2.3:a:redhat:process_automation:7.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "20A6B40D-F991-4712-8E30-5FE008505CB7"
}
],
"operator": "OR"
}
]
}
]