|CVSS SCORE||9.8, (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)|
Secure Integration Server
This vulnerability allows remote attackers to bypass authentication on affected installations of Softing Secure Integration Server. Authentication is not required to exploit this vulnerability.
The specific flaw exists within the default configuration of user accounts. The configuration contains hard-coded credentials. An attacker can leverage this vulnerability to bypass authentication and execute arbitrary code in the context of the Administrator.
Softing has issued an update to correct this vulnerability. More details can be found at:
|CREDIT||Flashback Team: Pedro Ribeiro (@pedrib1337) && Radek Domanski (@RabbitPro)