Article - CS425915
High Severity Vulnerability in Codebeamer
Modified: 11-Sep-2024
Applies To
- Codebeamer 2.1.0.0 to 2.1.0.2
- Codebeamer 22.10 22.10 to 22.10 SP10
- Codebeamer 2.0.0.0 to 2.0.0.4
- Codebeamer 9.x any to 22.04 22.04 SP8
Description
- A high severity vulnerability has been identified in Codebeamer application
- CVSS V3.1 Score: 8.8 (High)
- CVSS V3.1 Vector String: /AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
- CWE-285: Improper Authorization
- Privileges are not fully verified server-side
- Can be abused by an authenticated user with limited privileges to bypass authorization and access privileged functionality
- PTC has no indication nor has been made aware that this vulnerability has or is being exploited
This is a printer-friendly version of Article 425915 and may be out of date. For the latest version click CS425915