MidnightBSD

Advisories for grandit

CVE-2020-5539 MEDIUM

GRANDIT Ver.1.6, Ver.2.0, Ver.2.1, Ver.2.2, Ver.2.3, and Ver.3.0 do not properly manage sessions, which allows remote attackers to impersonate an arbitrary user and then alter or disclose the information via unspecified vectors.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 6.5 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N 3.9 2.5

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-639,

Products Affected

Vendor Product Version
grandit grandit 2.3
grandit grandit 2.0
grandit grandit 1.6
grandit grandit 3.0
grandit grandit 2.1
grandit grandit 2.2