Absolute Secure Access Management Console Permission Bypass Vulnerability

A vulnerability exists in the management console of Absolute Secure Access in versions prior to 13.56. This issue allows attackers with administrative access and specific permissions to bypass those permissions and improperly access other settings. The vulnerability arises from insufficient input validation in the Secure Access warehouse, leading to a low complexity attack with high privilege requirements and no need for user interaction.

Impact

Exploitation of this vulnerability could lead to unauthorized access to sensitive settings by allowing permission bypass for users with administrative rights.