Description
A vulnerability in the web application of the ctrlX OS setup mechanism facilitated an authenticated (low privileged) attacker to gain remote access to backup archives created by a user with elevated permissions. Depending on the content of the backup archive, the attacker may have been able to access sensitive data.
Problem types
CWE-284 Improper Access Control
Product status
2.6.0
3.6.0
References
psirt.bosch.com/security-advisories/BOSCH-SA-129652.html
