ifdate 2.x sends a redirect to the web browser but does not exit when administrative credentials are missing, which allows remote attackers to obtain administrative access via a direct request for the admin/ URI.

Threat-Mapped Scoring

Score: 0.0

Priority: Unclassified

EPSS

Score: 0.02041
Percentile: 0.83067

CVSS Scoring

Affected Products

• cpe:2.3:a:ifusionservices:ifdate:2.0:*:*:*:*:*:*:*
• cpe:2.3:a:ifusionservices:ifdate:2.0.3:*:*:*:*:*:*:*

← Back to Home