exploitDog

CVE-2019-25021

Опубликовано: 27 фев. 2021

Источник: nvd

CVSS3: 7.5

CVSS2: 5

EPSS Низкий

Описание

An issue was discovered in Scytl sVote 2.1. Due to the implementation of the database manager, an attacker can access the OrientDB by providing admin as the admin password. A different password cannot be set because of the implementation in code.

Ссылки

https://suid.ch/research/CVE-2019-25021.html
Exploit
Third Party Advisory
https://suid.ch/research/CVE-2019-25021.html
Exploit
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:scytl:secure_vote:2.1:*:*:*:*:*:*:*

EPSS

Процентиль: 49%

0.00262

Низкий

7.5 High

CVSS3

5 Medium

CVSS2

Дефекты

CWE-798

Связанные уязвимости

GHSA-hrvc-r9q5-cgjx

github

больше 3 лет назад

An issue was discovered in Scytl sVote 2.1. Due to the implementation of the database manager, an attacker can access the OrientDB by providing admin as the admin password. A different password cannot be set because of the implementation in code.

EPSS

Процентиль: 49%

0.00262

Низкий

7.5 High

CVSS3

5 Medium

CVSS2

Дефекты

CWE-798