admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-05-28 09:11:28 +00:00
Code Issues Packages Projects Releases Wiki Activity
nvd-json-data-feeds/CVE-2021/CVE-2021-327xx/CVE-2021-32713.json
René Helmke 7791f18b51 bootstrap
2023-05-16 16:09:41 +02:00

141 lines
4.4 KiB
JSON
Raw Blame History

{
"id": "CVE-2021-32713",
"sourceIdentifier": "security-advisories@github.com",
"published": "2021-06-24T21:15:07.917",
"lastModified": "2021-07-01T19:36:34.230",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Shopware is an open source eCommerce platform. Versions prior to 5.6.10 suffer from an authenticated stored XSS in administration vulnerability. Users are recommend to update to the version 5.6.10. You can get the update to 5.6.10 regularly via the Auto-Updater or directly via the download overview."
},
{
"lang": "es",
"value": "Shopware es una plataforma de comercio electr\u00f3nico de c\u00f3digo abierto. Unas versiones anteriores a 5.6.10 sufren una vulnerabilidad de tipo XSS almacenado autentificado en la administraci\u00f3n. Se recomienda a usuarios actualizar a versi\u00f3n 5.6.10. Puede obtener la actualizaci\u00f3n a versi\u00f3n 5.6.10 regularmente por medio del Auto-Updater o directamente por medio del resumen de descargas"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 4.8,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.7,
"impactScore": 2.7
},
{
"source": "security-advisories@github.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 4.8,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.7,
"impactScore": 2.7
}
],
"cvssMetricV2": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "2.0",
"vectorString": "AV:N/AC:M/Au:S/C:N/I:P/A:N",
"accessVector": "NETWORK",
"accessComplexity": "MEDIUM",
"authentication": "SINGLE",
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"availabilityImpact": "NONE",
"baseScore": 3.5
},
"baseSeverity": "LOW",
"exploitabilityScore": 6.8,
"impactScore": 2.9,
"acInsufInfo": false,
"obtainAllPrivilege": false,
"obtainUserPrivilege": false,
"obtainOtherPrivilege": false,
"userInteractionRequired": true
}
]
},
"weaknesses": [
{
"source": "security-advisories@github.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:shopware:shopware:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.0.0",
"versionEndExcluding": "5.6.10",
"matchCriteriaId": "123208B1-959D-462E-A523-A4AFD3CD875A"
}
]
}
]
}
],
"references": [
{
"url": "https://docs.shopware.com/en/shopware-5-en/security-updates/security-update-05-2021",
"source": "security-advisories@github.com",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://github.com/shopware/shopware/commit/a0850ffbc6f581a8eb8425cc2bf77a0715e21e12",
"source": "security-advisories@github.com",
"tags": [
"Patch",
"Third Party Advisory"
]
},
{
"url": "https://github.com/shopware/shopware/security/advisories/GHSA-f6p7-8xfw-fjqq",
"source": "security-advisories@github.com",
"tags": [
"Third Party Advisory"
]
}
]
}
Reference in New Issue View Git Blame Copy Permalink