admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-05-28 09:11:28 +00:00
Code Issues Packages Projects Releases Wiki Activity
nvd-json-data-feeds/CVE-2021/CVE-2021-360xx/CVE-2021-36038.json
René Helmke 7791f18b51 bootstrap
2023-05-16 16:09:41 +02:00

138 lines
4.6 KiB
JSON
Raw Blame History

{
"id": "CVE-2021-36038",
"sourceIdentifier": "psirt@adobe.com",
"published": "2021-09-01T15:15:09.977",
"lastModified": "2021-09-08T17:07:55.807",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Magento Commerce versions 2.4.2 (and earlier), 2.4.2-p1 (and earlier) and 2.3.7 (and earlier) are affected by an improper input validation vulnerability in the Multishipping Module. An authenticated attacker could leverage this vulnerability to achieve sensitive information disclosure."
},
{
"lang": "es",
"value": "Magento Commerce versiones 2.4.2 (y anteriores), versiones 2.4.2-p1 (y anteriores), y versiones 2.3.7 (y anteriores), est\u00e1n afectadas por una vulnerabilidad de comprobaci\u00f3n Inapropiada de Entrada en el m\u00f3dulo Multishipping. Un atacante autenticado podr\u00eda aprovechar esta vulnerabilidad para lograr la divulgaci\u00f3n de informaci\u00f3n confidencial"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "psirt@adobe.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
}
],
"cvssMetricV2": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "2.0",
"vectorString": "AV:N/AC:L/Au:S/C:P/I:N/A:N",
"accessVector": "NETWORK",
"accessComplexity": "LOW",
"authentication": "SINGLE",
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.0
},
"baseSeverity": "MEDIUM",
"exploitabilityScore": 8.0,
"impactScore": 2.9,
"acInsufInfo": false,
"obtainAllPrivilege": false,
"obtainUserPrivilege": false,
"obtainOtherPrivilege": false,
"userInteractionRequired": false
}
]
},
"weaknesses": [
{
"source": "psirt@adobe.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-20"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:adobe:adobe_commerce:*:*:*:*:*:*:*:*",
"versionStartIncluding": "2.3.0",
"versionEndIncluding": "2.3.7",
"matchCriteriaId": "72F005E6-8523-49FF-91F7-644BC737DDEF"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:adobe:adobe_commerce:*:*:*:*:*:*:*:*",
"versionStartIncluding": "2.4.0",
"versionEndIncluding": "2.4.2",
"matchCriteriaId": "260156B9-9CEF-4732-AD94-7D3CCD784F1D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:adobe:adobe_commerce:2.4.2:p1:*:*:*:*:*:*",
"matchCriteriaId": "C711D725-10E3-4A9C-AAD8-9B1766CB42F0"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:adobe:magento_open_source:*:*:*:*:*:*:*:*",
"versionStartIncluding": "2.3.0",
"versionEndIncluding": "2.3.7",
"matchCriteriaId": "052A5E47-66AF-4F60-8949-E2B6CE98AEE9"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:adobe:magento_open_source:*:*:*:*:*:*:*:*",
"versionStartIncluding": "2.4.0",
"versionEndIncluding": "2.4.2",
"matchCriteriaId": "ADE9F2A6-575A-48DA-ACE4-B22ABB275B6B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:adobe:magento_open_source:2.4.2:p1:*:*:*:*:*:*",
"matchCriteriaId": "8F768F94-34F1-4FB8-8D96-3BBC9D6B8C89"
}
]
}
]
}
],
"references": [
{
"url": "https://helpx.adobe.com/security/products/magento/apsb21-64.html",
"source": "psirt@adobe.com",
"tags": [
"Patch",
"Vendor Advisory"
]
}
]
}
Reference in New Issue View Git Blame Copy Permalink