Home

CVE-2019-15018

Description

A security vulnerability exists in the Zingbox Inspector where authentication is not required when binding the Inspector instance to a different customer tenant. (Ref: CVE-2019-15018)The vulnerability allows a user to bind the Zingbox Inspector to another tenant, which can impact the functionality of the service.This issue affects Zingbox Inspector, versions 1.280 and earlier.

Risk Information

Base Score
7.5
MODERATE
Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
EPSS Score
Exploitation Probability
0.19

Associated Vulnerability

VulnerabilityOS Platform
Missing Authentication for Critical Function Vulnerability (CVE-2019-15018)NCM

Patch Details

No records found

References

https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234