CVE-2019-14841
8.8
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Summary
A flaw was found in the RHDM, where an authenticated attacker can change their assigned role in the response header. This flaw allows an attacker to gain admin privileges in the Business Central Console.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| n/a | Business-central | Business-central as shipped in RHDM 7 and RHPAM 7 | affected |
Weaknesses
- CWE-281: CWE-281
ADP Enrichment
CVE Program Container
Additional References
- https://bugzilla.redhat.com/show_bug.cgi?id=1744801
- https://access.redhat.com/security/cve/CVE-2019-14841
CISA ADP Vulnrichment
- SSVC:
- Exploitation: none
- Automatable: no
- Technical Impact: total
References
- https://bugzilla.redhat.com/show_bug.cgi?id=1744801
- https://access.redhat.com/security/cve/CVE-2019-14841
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.