Common vulnerabilities and Exposures (CVE)

Skip to main content

Required CVE Record Information

Description

Insecure Direct Object References (IDOR) in access control in Tracking 2.1.4 on NightWolf Penetration Testing allows an attacker to access via manipulating request parameters or object references.

CVSS 1 Total

Learn more
ScoreSeverityVersionVector String
8.3HIGH4.0CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:H/SI:N/SA:N

Product Status

Learn more

Versions 2 Total

Default Status: unaffected

affected

  • affected at 2.1.4 

unaffected

  • unaffected at 2.1.5 

Credits

  • Hoang Anh Khoa (khoahoang329@gmail.com) reporter
  • Quyen Hong Son (sonqh.kma@gmail.com) finder

Authorized Data Publishers

Learn more