CVE-2020-12528

An issue was discovered in MB connect line mymbCONNECT24 and mbCONNECT24 software in all versions through V2.6.2. Improper use of access validation allows a logged in user to kill web2go sessions in the account he should not have access to.
References
Link Resource
https://cert.vde.com/de-de/advisories/vde-2021-003 Third Party Advisory
Configurations

Configuration 1

cpe:2.3:a:mbconnectline:mbconnect24:*:*:*:*:*:*:*:*
cpe:2.3:a:mbconnectline:mymbconnect24:*:*:*:*:*:*:*:*

Information

Published : 2021-03-02 10:15

Updated : 2021-03-09 04:34


NVD link : CVE-2020-12528

Mitre link : CVE-2020-12528

Products Affected
No products.
CWE