-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security

Vulnerability Details

Registries

Custom Views

Weaknesses

Attack Patterns

Filters & Tools

faveo_servicedesk

Source -

NVD

CNA CVEs -

0

ADP CVEs -

0

CISA CVEs -

0

NVD CVEs -

1

Related CVEs Related Vendors Related Assigners Reports

1Vulnerabilities found

Assigner-MITRE Corporation

Assigner-MITRE Corporation

CVSS Score-6.5||MEDIUM

EPSS-0.06% / 19.82%

||

7 Day CHG~0.00%

Published-24 Mar, 2023 | 00:00

Updated-21 Feb, 2025 | 18:15

Rejected-Not Available

Known To Be Used In Ransomware Campaigns?-Not Available

KEV Added-Not Available

KEV Action Due Date-Not Available

Faveo 5.0.1 allows remote attackers to obtain sensitive information via a modified user ID in an Insecure Direct Object Reference (IDOR) attack.

Action-Not Available

Vendor-ladybirdweb n/a

Product-faveo_servicedesk n/a

CWE ID-CWE-639

Authorization Bypass Through User-Controlled Key