Personify Personify360 E-business : Security vulnerabilities, CVEs

Copy

CVE-2017-7314

An issue was discovered in Personify360 e-Business 7.5.2 through 7.6.1. When going to the /TabId/275 URI, while creating a new role, a list of database tables and their columns is available.

Max CVSS

7.5

EPSS Score

3.53%

Published

2017-06-07

Updated

2017-06-14

CVE-2017-7313

An issue was discovered in Personify360 e-Business 7.5.2 through 7.6.1. When going to the /TabId/275 URI, it is possible to read any customer name, master Customer Id, and email address. In other words, anyone can search for users/customers in the system - no authentication is required.

Max CVSS

7.5

EPSS Score

0.59%

Published

2017-06-07

Updated

2017-06-14

2 vulnerabilities found

This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!