CVE-2021-40066
N/A
N/A
Summary
The access controls on the Mobility read-only API improperly validate user access permissions. Attackers with both network access to the API and valid credentials can read data from it; regardless of access control group membership settings. This vulnerability is fixed in Mobility v11.76 and Mobility v12.14.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| n/a | NetMotion Mobility | 10.70 to 12.12 | affected |
Weaknesses
- Incorrect access control in Mobility read-only API
ADP Enrichment
CVE Program Container
Additional References
References
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.