Missing Authentication for Critical Function vulnerability in RTI Connext Professional (Security Plugins) allows Fake the Source of Data.
Missing Authentication for Critical Function vulnerability in RTI Connext Professional (Security Plugins) allows Fake the Source of Data.This issue affects Connext Professional: from 7.4.0 before 7.7.0, from 7.0.0 before 7.3.1.3, from 6.1.0 before 6.1.*, from 6.0.0 before 6.0.*, from 5.3.0 before 5.3.*.
Problem Types
| Type | CWE ID | Description |
|---|
| CWE | CWE-306 | CWE-306 Missing Authentication for Critical Function |
Type: CWE
Description: CWE-306 Missing Authentication for Critical Function
Metrics
| Version | Base score | Base severity | Vector |
|---|
| 4.0 | 6.0 | MEDIUM | CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N |
Version: 4.0
Base score: 6.0
Base severity: MEDIUM
Vector: CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
Impacts
| CAPEC ID | Description |
|---|
| CAPEC-194 | CAPEC-194 Fake the Source of Data |
Description: CAPEC-194 Fake the Source of Data