Vulnerability Details CVE-2023-27107
Incorrect access control in the runReport function of MyQ Solution Print Server before 8.2 Patch 32 and Central Server before 8.2 Patch 22 allows users who do not have appropriate access rights to generate internal reports using a direct URL.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.005
EPSS Ranking 64.6%
CVSS Severity
CVSS v3 Score 8.8
References
Products affected by CVE-2023-27107
-
cpe:2.3:a:myq-solution:central_server:*
-
cpe:2.3:a:myq-solution:central_server:8.2
-
cpe:2.3:a:myq-solution:print_server:*
-
cpe:2.3:a:myq-solution:print_server:8.2