What the vulnerability does
01Description
Unauthenticated Broken Access Control in POS Entegratör <= 3.7.103 versions.
CVSS base score
CVSS vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:L
What the vulnerability does
Unauthenticated Broken Access Control in POS Entegratör <= 3.7.103 versions.
Explanation of Vulnerability in Simple Terms
POS Entegratör versions 3.7.103 and earlier lack proper authorization checks, allowing unauthenticated attackers to modify data on the system. The vulnerability requires no user interaction and can be exploited over the network. While confidentiality is not affected, attackers can alter records and degrade system availability.
What an attacker can do
Modify or delete data in the POS system without logging in.
Potential impact on your site
Unauthorized changes to transaction records, inventory, or configuration; potential data loss and service disruption.
Conditions required to exploit
Network access to the POS Entegratör application; no authentication required.
Key dates
External resources
Related vulnerabilities