Vulnerability in Cordaware bestinformed
CVE CVE-2021-3168 Vulnerable software Cordaware bestinformed <= version 5.1.0.3 Vulnerability An Unquoted service path in Cordaware bestinformed software allows a local attacker to potentially escalate privileges to system level. Timeline 15.12.2020 Vendor informed via email 17.12.2020 Sending additional information to Vendor 12/18/2020 Calling Vendor 11.01.2021 Still no reply 14.01.2021 Disclosure because of exceeding the 30-day […]
