CyberSec.Space Logo
返回 CVE 浏览器

CVE-2021-31927

MEDIUM
4.3
CVSS Severity Score
EPSS Score0.0790%
EPSS Percentile43.02th
Published2021年6月10日
Last Modified2024年11月21日

Vulnerability Description

An Insecure Direct Object Reference (IDOR) vulnerability in Annex Cloud Loyalty Experience Platform <2021.1.0.1 allows any authenticated attacker to modify any existing user, including users assigned to different environments and clients. It was fixed in v2021.1.0.2.

Affected Platforms (CPE)

📦
Annexcloud

Loyalty Experience Platform

< 2020.1.0.1

References & Advisories

🔗 https://github.com/Accenture/AARO-Bugs/blob/master/AARO-CVE-List.md
🔗 https://www.annexcloud.com/
🔗 https://github.com/Accenture/AARO-Bugs/blob/master/AARO-CVE-List.md
🔗 https://www.annexcloud.com/

相关漏洞威胁

CVE-2021-319288.8

Annex Cloud Loyalty Experience Platform <2021.1.0.1 allows any authenticated attacker to escalate privileges to superadministrator...

CVE-2021-319294.3

Annex Cloud Loyalty Experience Platform <2021.1.0.1 allows any authenticated attacker to modify loyalty campaigns and settings, su...

CVE-2026-121917.8

A vulnerability was found in Comma AI Openpilot 0.11. This issue affects the function pickle.load/pickle.loads of the file selfdri...

CVE-2026-121905.3

A vulnerability has been found in Genspark AI Workspace App 2.8.4 on Android. This vulnerability affects unknown code of the compo...