Vulnerabilities

CVE-2021-40066

by Fred · 16/09/2021

The access controls on the Mobility read-only API improperly validate user access permissions. Attackers with both network access to the API and valid credentials can read data from it; regardless of access control group membership settings. This vulnerability is fixed in Mobility v11.76 and Mobility v12.14.

Date published : 2021-09-16

https://www.netmotionsoftware.com/security-advisories/cve-2021-40066

Similar

Tags: Cybersecurity Alert