HTTP Referer Header Authentication Bypass in GroundWork Monitor Enterprise 6.7.0
CVE-2013-3499 · HIGH Severity
AV:N/AC:L/AU:N/C:P/I:P/A:P
GroundWork Monitor Enterprise 6.7.0 performs authentication on the basis of the HTTP Referer header, which allows remote attackers to obtain administrative privileges or access files via a crafted header.
Learn more about our Web Application Penetration Testing UK.