Privilege Escalation via Manipulation of token Cookie in Unitrends Enterprise Backup Web Server

Privilege Escalation via Manipulation of token Cookie in Unitrends Enterprise Backup Web Server

CVE-2017-7279 · HIGH Severity

AV:N/AC:L/AU:N/C:C/I:C/A:C

An unprivileged user of the Unitrends Enterprise Backup before 9.0.0 web server can escalate to root privileges by modifying the "token" cookie issued at login.

Learn more about our Web App Pen Testing.