Summary by aashutoshdevkota
An exposed administrative interface on a NASA-related subdomain was accessible with default credentials, allowing unauthorized admin access. The issue was reported through responsible disclosure and has since been fixed.
Critical Admin Access Vulnerability on NASA’s *.satcorps.smce.nasa.gov Subdomain
Disclosed by aashutoshdevkota- Engagement National Aeronautics and Space Administration (NASA) - Vulnerability Disclosure Program
- Disclosed date about 1 month ago
- Priority P1 Bugcrowd's VRT priority rating
- Status Resolved This vulnerability has been accepted and fixed