What the vulnerability does
01Description
Missing Authorization vulnerability in Icegram Icegram icegram allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Icegram: from n/a through <= 3.1.35.
CVSS base score
CVSS vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L
What the vulnerability does
Missing Authorization vulnerability in Icegram Icegram icegram allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Icegram: from n/a through <= 3.1.35.
Explanation of Vulnerability in Simple Terms
Icegram versions up to 3.1.35 lack proper authorization checks, allowing unauthenticated attackers to modify data and disrupt service. The vulnerability requires no special access or user interaction. Site administrators should update to version 3.1.42 or later to restore proper access controls.
What an attacker can do
Modify site data and cause service disruption without authentication.
Potential impact on your site
Unauthorized users can alter content and cause downtime on your site.
Conditions required to exploit
Network access only; no authentication or user interaction required.
Key dates
External resources