CVE-2019-5644
10
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
Summary
Computing For Good's Basic Laboratory Information System (also known as C4G BLIS) version 3.5 and earlier suffers from an instance of CWE-284, "Improper Access Control." As a result, an unauthenticated user may alter several facets of a user account, including promoting any user to an administrator.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Computing For Good | Basic Laboratory Information System | unspecified <= 3.5 | affected |
Weaknesses
- CWE-284: CWE-284 Improper Access Control
ADP Enrichment
CVE Program Container
Additional References
References
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.