admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-06-12 02:04:49 +00:00
Code Issues Packages Projects Releases Wiki Activity
nvd-json-data-feeds/CVE-2021/CVE-2021-276xx/CVE-2021-27615.json
René Helmke 7791f18b51 bootstrap
2023-05-16 16:09:41 +02:00

149 lines
4.5 KiB
JSON
Raw Blame History

{
"id": "CVE-2021-27615",
"sourceIdentifier": "cna@sap.com",
"published": "2021-06-09T14:15:08.247",
"lastModified": "2021-06-16T00:41:13.347",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "SAP Manufacturing Execution versions - 15.1, 1.5.2, 15.3, 15.4, does not contain some HTTP security headers in their HTTP response. The lack of these headers in response can be exploited by the attacker to execute Cross-Site Scripting (XSS) attacks."
},
{
"lang": "es",
"value": "SAP Manufacturing Execution: versiones 15.1, 1.5.2, 15.3, 15.4, no contienen algunos encabezados de seguridad HTTP en su respuesta HTTP. El atacante puede ser explotado por la falta de estos encabezados en respuesta para ejecutar ataques de tipo cross-site scripting (XSS)"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
}
],
"cvssMetricV30": [
{
"source": "cna@sap.com",
"type": "Secondary",
"cvssData": {
"version": "3.0",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 2.5
}
],
"cvssMetricV2": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "2.0",
"vectorString": "AV:N/AC:M/Au:S/C:N/I:P/A:N",
"accessVector": "NETWORK",
"accessComplexity": "MEDIUM",
"authentication": "SINGLE",
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"availabilityImpact": "NONE",
"baseScore": 3.5
},
"baseSeverity": "LOW",
"exploitabilityScore": 6.8,
"impactScore": 2.9,
"acInsufInfo": false,
"obtainAllPrivilege": false,
"obtainUserPrivilege": false,
"obtainOtherPrivilege": false,
"userInteractionRequired": true
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:sap:manufacturing_execution:15.1:*:*:*:*:*:*:*",
"matchCriteriaId": "23297FB8-B4A8-4E84-80EE-67907C249A70"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:sap:manufacturing_execution:15.2:*:*:*:*:*:*:*",
"matchCriteriaId": "87614D9A-544B-42FE-9C58-5389E3716240"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:sap:manufacturing_execution:15.3:*:*:*:*:*:*:*",
"matchCriteriaId": "A7FC9087-C677-4AD0-8A06-93FC19E06409"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:sap:manufacturing_execution:15.4:*:*:*:*:*:*:*",
"matchCriteriaId": "2DF7662A-D692-450E-9BDD-82081B25BD17"
}
]
}
]
}
],
"references": [
{
"url": "https://launchpad.support.sap.com/#/notes/3030961",
"source": "cna@sap.com",
"tags": [
"Permissions Required",
"Vendor Advisory"
]
},
{
"url": "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=578125999",
"source": "cna@sap.com",
"tags": [
"Vendor Advisory"
]
}
]
}
Reference in New Issue View Git Blame Copy Permalink