CVE-2019-15747

Privilege Escalation via Client-Side-Source Manipulation

Publish date

03 October 2019

Identifier

CVE-2019-15747

Manufacturer

SITOS

Product

SITOS Six Build v6.2.1

Authors

Dennis Herrmann and Andre Waldhoff

Description

SITOS Six Build v6.2.1 allows a user with the user role “Seminar Coordinator” to escalate they permission to “Systemadministrator” role due to insufficient checks on the server side.

 

CREST
CREST STAR
CHECK IT Health Check Service
CBEST
Cyber Essentials
CESG Certified Service
First - Improving Security Together
BSI ISO 9001 FS 581360
BSI ISO 27001 IS 553326
PCI - Approved Scanning Vendor
NCSC CCSC - Assured Service Provider