CVE-2020-5539

Summary

GRANDIT Ver.1.6, Ver.2.0, Ver.2.1, Ver.2.2, Ver.2.3, and Ver.3.0 do not properly manage sessions, which allows remote attackers to impersonate an arbitrary user and then alter or disclose the information via unspecified vectors.

Affected Software

VendorProductVersion RangeStatus
GRANDIT CORPORATIONGRANDITVer.1.6, Ver.2.0, Ver.2.1, Ver.2.2, Ver.2.3, and Ver.3.0affected

Weaknesses

  • Fails to manage sessions

ADP Enrichment

CVE Program Container

Additional References

References