User Profile Information Leakage Vulnerability in SINEC NMS (All versions < V1.0 SP2 Update 1)

User Profile Information Leakage Vulnerability in SINEC NMS (All versions < V1.0 SP2 Update 1)

CVE-2021-33727 · MEDIUM Severity

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

A vulnerability has been identified in SINEC NMS (All versions < V1.0 SP2 Update 1). An authenticated attacker could download the user profile of any user. With this, the attacker could leak confidential information of any user in the affected system.

Learn more about our User Device Pen Test.