CVE-2017-16630

Publication date

2021-08-11 20:09:18

Family

mitre

State

PUBLISHED

Description

In SapphireIMS 4097_1, a guest user can create a local administrator account on any system that has SapphireIMS installed, because of an Insecure Direct Object Reference (IDOR) in the local user creation function.