mirror of
https://github.com/0xMarcio/cve.git
synced 2026-05-09 23:27:33 +02:00
0xMarcio
741 B
741 B
CVE-2020-9002
Description
An issue was discovered in iPortalis iCS 7.1.13.0. An attacker can gain privileges by intercepting a request and changing UserRoleKey=COMPANY_ADMIN to UserRoleKey=DOMAIN_ADMIN (to achieve Domain Administrator access).
POC
Reference
- https://websec.nl/blog/
- https://websec.nl/blog/6127847280e759c7d31286d0/cve%20report%20august%202021/
Github
No PoCs found on GitHub currently.