admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-05-28 09:11:28 +00:00
Code Issues Packages Projects Releases Wiki Activity
nvd-json-data-feeds/CVE-2021/CVE-2021-259xx/CVE-2021-25991.json
René Helmke 7791f18b51 bootstrap
2023-05-16 16:09:41 +02:00

145 lines
4.2 KiB
JSON
Raw Blame History

{
"id": "CVE-2021-25991",
"sourceIdentifier": "vulnerabilitylab@mend.io",
"published": "2021-12-29T09:15:09.467",
"lastModified": "2022-01-10T16:29:47.773",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "In Ifme, versions v5.0.0 to v7.32 are vulnerable against an improper access control, which makes it possible for admins to ban themselves leading to their deactivation from Ifme account and complete loss of admin access to Ifme."
},
{
"lang": "es",
"value": "En \"Ifme\", versiones v5.0.0 hasta v7.32, son vulnerables frente a un control de acceso inapropiado, que hace posible que administradores se auto proh\u00edban conllevando a su deshabilitaci\u00f3n de la cuenta de \"Ifme\" y la p\u00e9rdida completa del acceso de administrador en \"Ifme\""
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.3,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.1,
"impactScore": 5.2
},
{
"source": "vulnerabilitylab@mend.io",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 5.7,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.1,
"impactScore": 3.6
}
],
"cvssMetricV2": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "2.0",
"vectorString": "AV:N/AC:M/Au:S/C:N/I:P/A:P",
"accessVector": "NETWORK",
"accessComplexity": "MEDIUM",
"authentication": "SINGLE",
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"availabilityImpact": "PARTIAL",
"baseScore": 4.9
},
"baseSeverity": "MEDIUM",
"exploitabilityScore": 6.8,
"impactScore": 4.9,
"acInsufInfo": false,
"obtainAllPrivilege": false,
"obtainUserPrivilege": false,
"obtainOtherPrivilege": false,
"userInteractionRequired": true
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
]
},
{
"source": "vulnerabilitylab@mend.io",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-284"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:if-me:ifme:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.0.0",
"versionEndIncluding": "7.32",
"matchCriteriaId": "A40185B0-74EF-455B-AF14-9AA5F3E55B88"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/ifmeorg/ifme/commit/d1f570c458d41667df801fc9c40a18b181a2d923",
"source": "vulnerabilitylab@mend.io",
"tags": [
"Patch",
"Third Party Advisory"
]
},
{
"url": "https://www.whitesourcesoftware.com/vulnerability-database/CVE-2021-25991",
"source": "vulnerabilitylab@mend.io",
"tags": [
"Exploit",
"Third Party Advisory"
]
}
]
}
Reference in New Issue View Git Blame Copy Permalink