Privilege Escalation and Information Disclosure Vulnerability in Novastar-VNNOX-iCare Novaicare 7.16.0

Privilege Escalation and Information Disclosure Vulnerability in Novastar-VNNOX-iCare Novaicare 7.16.0

CVE-2021-38289 · HIGH Severity

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

An issue has been discovered in Novastar-VNNOX-iCare Novaicare 7.16.0 that gives attacker privilege escalation and allows attackers to view corporate information and SMTP server details, delete users, view roles, and other unspecified impacts.

Learn more about our Cis Benchmark Audit For Server Software.