admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-08-04 08:44:25 +00:00
Code Issues Packages Projects Releases Wiki Activity
cvelist/2021/22xxx/CVE-2021-22853.json

101 lines
3.3 KiB
JSON
Raw Blame History

This file contains ambiguous Unicode characters

This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

{
"CVE_data_meta": {
"AKA": "TWCERT/CC",
"ASSIGNER": "cve@cert.org.tw",
"DATE_PUBLIC": "2021-02-17T13:19:00.000Z",
"ID": "CVE-2021-22853",
"STATE": "PUBLIC",
"TITLE": "Soar Cloud System Co., Ltd. HR Portal - Broken Access Control"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "HR Portal",
"version": {
"version_data": [
{
"version_affected": "=",
"version_name": "0",
"version_value": "7.3.2020.1013"
}
]
}
}
]
},
"vendor_name": "Soar Cloud System Co., Ltd."
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The HR Portal of Soar Cloud System fails to manage access control. While obtaining user ID, remote attackers can access sensitive data via a specific data packet, such as users login information, further causing the login function not to work."
}
]
},
"generator": {
"engine": "Vulnogram 0.0.9"
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-284 Improper Access Control"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.twcert.org.tw/tw/cp-132-4403-8eb68-1.html",
"refsource": "MISC",
"url": "https://www.twcert.org.tw/tw/cp-132-4403-8eb68-1.html"
},
{
"name": "https://www.chtsecurity.com/news/d334641f-2b28-4eab-a5ed-c6ec6740557e",
"refsource": "CONFIRM",
"url": "https://www.chtsecurity.com/news/d334641f-2b28-4eab-a5ed-c6ec6740557e"
}
]
},
"solution": [
{
"lang": "eng",
"value": "Update to version 7.3.2020.1110"
}
],
"source": {
"advisory": "TVN-202101007",
"discovery": "EXTERNAL"
}
}
Reference in New Issue View Git Blame Copy Permalink