CVE-2021-25991

Medium CVSS 5.7

Overview

In Ifme, versions v5.0.0 to v7.32 are vulnerable against an improper access control, which makes it possible for admins to ban themselves leading to their deactivation from Ifme account and complete loss of admin access to Ifme.

CWE: CWE-284 Published: 2021-12-29T09:15:09.467

Risk analysis

This vulnerability is rated 🟡 MEDIUM.

CVSS: 5.7 (MEDIUM)
Detected tags: none (tag impact: LOW)

Recommended actions:

Prioritize remediation based on business criticality and exposure.
Limit exposure and increase monitoring until fixed.

Overview

Recommended tools

Tags