Descor Infocad Broken Authorization Vulnerability Allowing Unauthenticated Access

Vulnerability

A broken authorization vulnerability has been identified in Descor Infocad versions through 3.5.1.0, allowing users to access web services without authentication. This flaw, rooted in improperly implemented authorization controls, enables unauthorized actions and SQL query execution, potentially compromising user integrity and application confidentiality.

Impact

Exploitation of this vulnerability allows remote users to access services without authentication, execute SQL queries, and perform actions on behalf of registered users, thereby compromising application integrity and confidentiality.

Remediation

Users can upgrade to Descor Infocad version 3.5.2.0, where this vulnerability has been fixed.

Added: Jun 9, 2025, 7:46 PM
Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread: 0.0
impact: 3.1
exploitability: 4.7
remediation: 7.7
relevance: 0.0
threat: 0.0
urgency: 2.9
incentive: 1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.