admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-05-28 09:11:28 +00:00
Code Issues Packages Projects Releases Wiki Activity
nvd-json-data-feeds/CVE-2021/CVE-2021-281xx/CVE-2021-28124.json
René Helmke 7791f18b51 bootstrap
2023-05-16 16:09:41 +02:00

120 lines
3.9 KiB
JSON
Raw Blame History

{
"id": "CVE-2021-28124",
"sourceIdentifier": "cve@mitre.org",
"published": "2021-04-02T15:15:13.317",
"lastModified": "2022-07-12T17:42:04.277",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "A man-in-the-middle vulnerability in Cohesity DataPlatform support channel in version 6.3 up to 6.3.1g, 6.4 up to 6.4.1c and 6.5.1 through 6.5.1b. Missing server authentication in impacted versions can allow an attacker to Man-in-the-middle (MITM) support channel UI session to Cohesity DataPlatform cluster."
},
{
"lang": "es",
"value": "Una vulnerabilidad de tipo man-in-the-middle en el canal de soporte de Cohesity DataPlatform versiones 6.3 hasta 6.3.1g, versiones 6.4 hasta 6.4.1cy, versiones 6.5.1 hasta 6.5.1b. Una falta de autenticaci\u00f3n del servidor en versiones afectadas puede permitir a un atacante tenga acceso de tipo Man-in-the-middle (MITM) en una sesi\u00f3n del canal de soporte de la Interfaz de Usuario en el cl\u00faster Cohesity DataPlatform."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "HIGH",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.9,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.2,
"impactScore": 3.6
}
],
"cvssMetricV2": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "2.0",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
"accessVector": "NETWORK",
"accessComplexity": "MEDIUM",
"authentication": "NONE",
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3
},
"baseSeverity": "MEDIUM",
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"acInsufInfo": false,
"obtainAllPrivilege": false,
"obtainUserPrivilege": false,
"obtainOtherPrivilege": false,
"userInteractionRequired": false
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-306"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:cohesity:cohesity_dataplatform:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.3",
"versionEndIncluding": "6.3.1g",
"matchCriteriaId": "E916355C-0164-402B-96E1-18BCAE584A24"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:cohesity:cohesity_dataplatform:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.4",
"versionEndIncluding": "6.4.1c",
"matchCriteriaId": "1DC79961-9B21-4D13-97C4-B845CF898149"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:cohesity:cohesity_dataplatform:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.5.1",
"versionEndIncluding": "6.5.1b",
"matchCriteriaId": "AA28ADD0-C186-42E1-A533-FDBE19E95673"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/cohesity/SecAdvisory/blob/master/CVE-2021-28124.md",
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
]
}
]
}
Reference in New Issue View Git Blame Copy Permalink