CVE-2021-45379
HIGH WAF: Low
CVSS 8.8
Published: 2021-12-30
CWE-287
Glewlwyd 2.0.0, fixed in 2.6.1 is affected by an incorrect access control vulnerability. One user can attempt to log in as another user without its password.
WAF Coverage Analysis
Improper Authentication
Low WAF Coverage
OWASP: A07:2021 Identification and Authentication Failures
Affected Software
| Vendor | Product | Version |
|---|---|---|
| glewlwyd_project | glewlwyd | 2.0.0 - 2.6.1 |
References
- github.com (Patch, Third Party Advisory)
- github.com (Release Notes, Third Party Advisory)