Vulnerability Details CVE-2019-5644
Computing For Good's Basic Laboratory Information System (also known as C4G BLIS) version 3.5 and earlier suffers from an instance of CWE-284, "Improper Access Control." As a result, an unauthenticated user may alter several facets of a user account, including promoting any user to an administrator.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.019
EPSS Ranking 82.5%
CVSS Severity
CVSS v3 Score 10.0
CVSS v2 Score 7.5
Products affected by CVE-2019-5644
-
cpe:2.3:a:gatech:computing_for_good's_basic_laboratory_information_system:-
-
cpe:2.3:a:gatech:computing_for_good's_basic_laboratory_information_system:3.3
-
cpe:2.3:a:gatech:computing_for_good's_basic_laboratory_information_system:3.4
-
cpe:2.3:a:gatech:computing_for_good's_basic_laboratory_information_system:3.5