What the vulnerability does
01Description
Missing Authorization vulnerability in sizam REHub Framework rehub-framework allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects REHub Framework: from n/a through <= 19.9.5.
CVSS base score
CVSS vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
What the vulnerability does
Missing Authorization vulnerability in sizam REHub Framework rehub-framework allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects REHub Framework: from n/a through <= 19.9.5.
Explanation of Vulnerability in Simple Terms
REHub Framework versions up to 19.9.5 lack proper authorization checks, allowing unauthenticated attackers to read sensitive data. The vulnerability exists in a network-accessible component and requires no user interaction. An attacker can retrieve confidential information without needing valid credentials or special access.
What an attacker can do
Read sensitive data without authentication or special privileges.
Potential impact on your site
Confidential information may be exposed to anyone on the internet without needing a user account.
Conditions required to exploit
Network access to the affected REHub Framework instance; no authentication required.
Key dates
External resources