CVE-2024-57726

SimpleHelp Missing Authorization Vulnerability

Beschreibung

SimpleHelp contains a missing authorization vulnerability that could allow low-privileged technicians to create API keys with excessive permissions. These API keys can be used to escalate privileges to the server admin role.

Schweregrad: CRITICAL

CVSS-Score: 9.9

Hersteller: SimpleHelp

Produkt: SimpleHelp