Vulnerability Details CVE-2021-44837
An issue was discovered in Delta RM 1.2. It is possible for an unprivileged user to access the same information as an admin user regarding the risk creation information in the /risque/administration/referentiel/json/create/categorie endpoint, using the id_cat1 query parameter to indicate the risk.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.002
EPSS Ranking 45.6%
CVSS Severity
CVSS v3 Score 4.3
CVSS v2 Score 4.0
References