admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-05-28 01:02:25 +00:00
Code Issues Packages Projects Releases Wiki Activity
nvd-json-data-feeds/CVE-2021/CVE-2021-360xx/CVE-2021-36044.json
René Helmke 7791f18b51 bootstrap
2023-05-16 16:09:41 +02:00

138 lines
4.6 KiB
JSON
Raw Blame History

{
"id": "CVE-2021-36044",
"sourceIdentifier": "psirt@adobe.com",
"published": "2021-09-01T15:15:10.350",
"lastModified": "2021-09-08T15:00:46.870",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Magento Commerce versions 2.4.2 (and earlier), 2.4.2-p1 (and earlier) and 2.3.7 (and earlier) are affected by an improper input validation vulnerability. An unauthenticated attacker could abuse this vulnerability to cause a server-side denial-of-service using a GraphQL field."
},
{
"lang": "es",
"value": "Magento Commerce versiones 2.4.2 (y anteriores), versiones 2.4.2-p1 (y anteriores), y versiones 2.3.7 (y anteriores), est\u00e1n afectadas por una vulnerabilidad de comprobaci\u00f3n Inapropiada de Entrada. Un atacante no autenticado podr\u00eda abusar de esta vulnerabilidad para causar una denegaci\u00f3n de servicio del lado del servidor usando un campo GraphQL"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "psirt@adobe.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
],
"cvssMetricV2": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "2.0",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"accessVector": "NETWORK",
"accessComplexity": "LOW",
"authentication": "NONE",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0
},
"baseSeverity": "MEDIUM",
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"acInsufInfo": false,
"obtainAllPrivilege": false,
"obtainUserPrivilege": false,
"obtainOtherPrivilege": false,
"userInteractionRequired": false
}
]
},
"weaknesses": [
{
"source": "psirt@adobe.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-20"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:adobe:adobe_commerce:*:*:*:*:*:*:*:*",
"versionStartIncluding": "2.3.0",
"versionEndIncluding": "2.3.7",
"matchCriteriaId": "72F005E6-8523-49FF-91F7-644BC737DDEF"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:adobe:adobe_commerce:*:*:*:*:*:*:*:*",
"versionStartIncluding": "2.4.0",
"versionEndIncluding": "2.4.2",
"matchCriteriaId": "260156B9-9CEF-4732-AD94-7D3CCD784F1D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:adobe:adobe_commerce:2.4.2:p1:*:*:*:*:*:*",
"matchCriteriaId": "C711D725-10E3-4A9C-AAD8-9B1766CB42F0"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:adobe:magento_open_source:*:*:*:*:*:*:*:*",
"versionStartIncluding": "2.3.0",
"versionEndIncluding": "2.3.7",
"matchCriteriaId": "052A5E47-66AF-4F60-8949-E2B6CE98AEE9"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:adobe:magento_open_source:*:*:*:*:*:*:*:*",
"versionStartIncluding": "2.4.0",
"versionEndIncluding": "2.4.2",
"matchCriteriaId": "ADE9F2A6-575A-48DA-ACE4-B22ABB275B6B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:adobe:magento_open_source:2.4.2:p1:*:*:*:*:*:*",
"matchCriteriaId": "8F768F94-34F1-4FB8-8D96-3BBC9D6B8C89"
}
]
}
]
}
],
"references": [
{
"url": "https://helpx.adobe.com/security/products/magento/apsb21-64.html",
"source": "psirt@adobe.com",
"tags": [
"Patch",
"Vendor Advisory"
]
}
]
}
Reference in New Issue View Git Blame Copy Permalink