CVE-2020-28406

Medium

6.5/10

Summary

An improper authorization vulnerability exists in Star Practice Management Web version 2019.2.0.6, allowing an unauthorized user to access details about jobs he should not have access to via the Audit Trail Feature.

Attack Complexity: LOW
Attack Vector: NETWORK
Integrity Impact: NONE
Scope: UNCHANGED
User Interaction: NONE
Privileges Required: LOW
Confidentiality Impact: HIGH
Availability Impact: NONE

References

Advisory Timeline

Published Jan 29, 2021

CVE-2020-28406

Summary

References

Advisory Timeline

ChainJacking

JetBrains IDE

KICS SaaS