CVE
Vulnerable software
Both the Update Manager up to version 5.8.0.2300 and DFL up to version 12.5.1001.5 are affected by this vulnerability.
Vulnerability
An insufficient configuration of the service allows an extension of the rights on system level.
Timeline
- 22.06.2021 Manufacturer informed
- 24.06.2021 Appointment for queries
- 05.07.2021 Questions and further procedure
- 01.08.2021 Update
- 16.08.2021 Publication