CyberSec.Space Logo
Back to CVE Browser

CVE-2021-31927

MEDIUM
4.3
CVSS Severity Score
EPSS Score0.0790%
EPSS Percentile43.02th
PublishedJun 10, 2021
Last ModifiedNov 21, 2024

Vulnerability Description

An Insecure Direct Object Reference (IDOR) vulnerability in Annex Cloud Loyalty Experience Platform <2021.1.0.1 allows any authenticated attacker to modify any existing user, including users assigned to different environments and clients. It was fixed in v2021.1.0.2.

Affected Platforms (CPE)

πŸ“¦
Annexcloud

Loyalty Experience Platform

< 2020.1.0.1

References & Advisories

πŸ”— https://github.com/Accenture/AARO-Bugs/blob/master/AARO-CVE-List.md
πŸ”— https://www.annexcloud.com/
πŸ”— https://github.com/Accenture/AARO-Bugs/blob/master/AARO-CVE-List.md
πŸ”— https://www.annexcloud.com/

Related Vulnerabilities

CVE-2021-319288.8

Annex Cloud Loyalty Experience Platform <2021.1.0.1 allows any authenticated attacker to escalate privileges to superadministrator...

CVE-2021-319294.3

Annex Cloud Loyalty Experience Platform <2021.1.0.1 allows any authenticated attacker to modify loyalty campaigns and settings, su...

CVE-2026-121917.8

A vulnerability was found in Comma AI Openpilot 0.11. This issue affects the function pickle.load/pickle.loads of the file selfdri...

CVE-2026-121905.3

A vulnerability has been found in Genspark AI Workspace App 2.8.4 on Android. This vulnerability affects unknown code of the compo...