Authentication Bypass Vulnerability in PRiSE adAS 1.7.0

Authentication Bypass Vulnerability in PRiSE adAS 1.7.0

CVE-2019-15088 · CRITICAL Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

An issue was discovered in PRiSE adAS 1.7.0. Password hashes are compared using the equality operator. Thus, under specific circumstances, it is possible to bypass login authentication.

Learn more about our Code Quality Review.