CVE CVE-2020-5539 Mappings

GRANDIT Ver.1.6, Ver.2.0, Ver.2.1, Ver.2.2, Ver.2.3, and Ver.3.0 do not properly manage sessions, which allows remote attackers to impersonate an arbitrary user and then alter or disclose the information via unspecified vectors.

Mappings

Capability ID Capability Description Mapping Type ATT&CK ID ATT&CK Name
CVE-2020-5539 GRANDIT uncategorized T1068 Exploitation for Privilege Escalation
CVE-2020-5539 GRANDIT uncategorized T1565.001 Stored Data Manipulation
CVE-2020-5539 GRANDIT uncategorized T1005 Data from Local System