What the vulnerability does
01Description
Authentication Bypass Using an Alternate Path or Channel vulnerability in uxper Golo golo allows Authentication Abuse.This issue affects Golo: from n/a through <= 1.7.0.
CVSS base score
CVSS vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
What the vulnerability does
Authentication Bypass Using an Alternate Path or Channel vulnerability in uxper Golo golo allows Authentication Abuse.This issue affects Golo: from n/a through <= 1.7.0.
Explanation of Vulnerability in Simple Terms
Golo versions 1.7.0 and earlier contain an authentication bypass vulnerability. An attacker can gain unauthorized access to the application without valid credentials. The vulnerability requires no user interaction and can be exploited remotely over the network. Affected installations should update immediately.
What an attacker can do
Gain full unauthorized access to the application without providing valid credentials.
Potential impact on your site
Attackers can read, modify, or delete all data and functionality in Golo without any credentials.
Conditions required to exploit
Network access to the Golo application; no authentication or user interaction required.
Key dates
External resources