What the vulnerability does
01Description
Authentication Bypass Using an Alternate Path or Channel vulnerability in appsbd Vitepos vitepos-lite allows Authentication Abuse.This issue affects Vitepos: from n/a through <= 3.1.7.
CVSS base score
CVSS vector
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
What the vulnerability does
Authentication Bypass Using an Alternate Path or Channel vulnerability in appsbd Vitepos vitepos-lite allows Authentication Abuse.This issue affects Vitepos: from n/a through <= 3.1.7.
Explanation of Vulnerability in Simple Terms
Vitepos versions 3.1.7 and earlier contain an authentication bypass vulnerability affecting high-privilege users. An authenticated administrator can read sensitive data, modify system settings, and disrupt service availability. The vulnerability requires valid admin credentials and network access to the application.
What an attacker can do
Read sensitive data, modify system settings, and disrupt service availability if they have admin credentials.
Potential impact on your site
Administrators with compromised credentials can cause data breaches, configuration tampering, and service outages.
Conditions required to exploit
Valid administrator account and network access to the Vitepos application.
Key dates
External resources