Improper Access Control in Subrion 4.2.1 Allows Unauthorized Access to Admin Panel

Improper Access Control in Subrion 4.2.1 Allows Unauthorized Access to Admin Panel

CVE-2018-14836 · MEDIUM Severity

AV:N/AC:L/AU:S/C:P/I:N/A:N

Subrion 4.2.1 is vulnerable to Improper Access control because user groups not having access to the Admin panel are able to access it (but not perform actions) if the Guests user group has access to the Admin panel.

Learn more about our User Device Pen Test.