All intelligence
// vulnerability record
cached · NVD via COSMOS syncCVE-2026-8079
HIGHpublished 2026-07-02 15:17 UTC · 2 days ago · modified 2026-07-03 04:17 UTC
8.7
CVSS / 10
// description
In Progress Flowmon versions prior to 12.5.9 and 13.0.11, a vulnerability exists whereby an authenticated low-privileged user may craft a request during the PDF generation process that results in operations being performed with the privileges of another user, potentially leading to unauthorized access to sensitive data and unintended modifications to system configuration.
// weaknesses (CWE)
- CWE-863