Missing Authentication for Critical Function vulnerability in RTI Connext Professional (Security Plugins) allows Identity Spoofing.
Missing Authentication for Critical Function vulnerability in RTI Connext Professional (Security Plugins) allows Identity Spoofing.This issue affects Connext Professional: from 7.4.0 before 7.7.0, from 7.0.0 before 7.3.*, from 6.1.0 before 6.1.*, from 6.0.0 before 6.0.*, from 5.3.0 before 5.3.*.
Problem Types
| Type | CWE ID | Description |
|---|
| CWE | CWE-306 | CWE-306 Missing Authentication for Critical Function |
Type: CWE
Description: CWE-306 Missing Authentication for Critical Function
Metrics
| Version | Base score | Base severity | Vector |
|---|
| 4.0 | 6.1 | MEDIUM | CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N |
Version: 4.0
Base score: 6.1
Base severity: MEDIUM
Vector: CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N
Impacts
| CAPEC ID | Description |
|---|
| CAPEC-151 | CAPEC-151 Identity Spoofing |
Description: CAPEC-151 Identity Spoofing