A vulnerability has been identified in RUGGEDCOM CROSSBOW (All versions < V5.2). The client query handler of the affected application fails to check for proper permissions when assigning groups to user accounts. This could allow an authenticated remote attacker to assign administrative groups to otherwise non-privileged user accounts.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: siemens
Published: 2023-03-14T09:31:58.178Z
Updated: 2024-08-02T12:09:42.950Z
Reserved: 2023-02-28T09:05:35.296Z
Link: CVE-2023-27310
Vulnrichment
No data.
NVD
Status : Modified
Published: 2023-03-14T10:15:28.777
Modified: 2024-11-21T07:52:37.423
Link: CVE-2023-27310
Redhat
No data.