Description
SiteVision 4 has Incorrect Access Control.
References (6)
Core 6
Core References
Third Party Advisory x_refsource_misc
https://www.cybercom.com/About-Cybercom/Blogs/Security-Advisories/high-risk-vulnerabilities-in-cms-product/
Exploit, Third Party Advisory x_refsource_misc
https://www.cybercom.com/contentassets/ac929be030744b8e92dc6e457fdb7dcc/sitevision-disclosure-insufficient-access-control.pdf
Exploit, Mailing List, Third Party Advisory mailing-list
x_refsource_fulldisc
http://seclists.org/fulldisclosure/2019/Dec/13
Exploit, Mailing List, Third Party Advisory mailing-list
x_refsource_fulldisc
http://seclists.org/fulldisclosure/2019/Dec/12
Third Party Advisory, VDB Entry x_refsource_misc
http://packetstormsecurity.com/files/155584/SiteVision-4.x-5.x-Insufficient-Module-Access-Control.html
Product x_refsource_misc
https://www.sitevision.se/
Scores
CVSS v3
8.8
EPSS
0.0208
EPSS Percentile
79.3%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Details
CWE
CWE-862
Status
published
Products (1)
sitevision/sitevision
4.0 - 4.5.6
Published
Dec 06, 2019
Tracked Since
Feb 18, 2026