
{
"id": "CVE-2021-32664",
"sourceIdentifier": "security-advisories@github.com",
"published": "2021-10-19T18:15:07.853",
"lastModified": "2021-10-22T20:45:48.263",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Combodo iTop is an open source web based IT Service Management tool. In affected versions there is a XSS vulnerability on \"run query\" page when logged as administrator. This has been resolved in versions 2.6.5 and 2.7.5."
},
{
"lang": "es",
"value": "Combodo iTop es una herramienta de Administraci\u00f3n de Servicios de TI de c\u00f3digo abierto basada en la web. En las versiones afectadas se presenta una vulnerabilidad de tipo XSS en la p\u00e1gina \"run query\" cuando se inicia la sesi\u00f3n como administrador. Esto ha sido resuelto en versiones 2.6.5 y 2.7.5"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 4.8,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.7,
"impactScore": 2.7
},
{
"source": "security-advisories@github.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:H/I:H/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "NONE",
"baseScore": 8.1,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.7,
"impactScore": 5.8
}
],
"cvssMetricV2": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "2.0",
"vectorString": "AV:N/AC:M/Au:S/C:N/I:P/A:N",
"accessVector": "NETWORK",
"accessComplexity": "MEDIUM",
"authentication": "SINGLE",
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"availabilityImpact": "NONE",
"baseScore": 3.5
},
"baseSeverity": "LOW",
"exploitabilityScore": 6.8,
"impactScore": 2.9,
"acInsufInfo": false,
"obtainAllPrivilege": false,
"obtainUserPrivilege": false,
"obtainOtherPrivilege": false,
"userInteractionRequired": true
}
]
},
"weaknesses": [
{
"source": "security-advisories@github.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:combodo:itop:*:*:*:*:-:*:*:*",
"versionEndExcluding": "2.6.5",
"matchCriteriaId": "AAB96E6A-21B3-40F1-9833-629464EE4710"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:combodo:itop:*:*:*:*:-:*:*:*",
"versionStartIncluding": "2.7.0",
"versionEndExcluding": "2.7.5",
"matchCriteriaId": "CD3B1BB6-B0AB-49F6-A327-DAC73045502B"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/Combodo/iTop/commit/4f5c987d8b1bd12814dc606ea69b6cfb88490704",
"source": "security-advisories@github.com",
"tags": [
"Patch",
"Third Party Advisory"
]
},
{
"url": "https://github.com/Combodo/iTop/commit/84741c19f0af6fa8e7082a8807eb089182e7b88a",
"source": "security-advisories@github.com",
"tags": [
"Patch",
"Third Party Advisory"
]
},
{
"url": "https://github.com/Combodo/iTop/commit/86f649affc12b5078efc86d9439d67d98f4cb2f6",
"source": "security-advisories@github.com",
"tags": [
"Patch",
"Third Party Advisory"
]
},
{
"url": "https://github.com/Combodo/iTop/security/advisories/GHSA-j758-ggwg-9mpj",
"source": "security-advisories@github.com",
"tags": [
"Third Party Advisory"
]
}
]
}