exploitDog

CVE-2021-40851

Опубликовано: 17 дек. 2021

Источник: nvd

CVSS3: 7.5

CVSS2: 5

EPSS Низкий

Описание

TCMAN GIM is vulnerable to a lack of authorization in all available webservice methods listed in /PC/WebService.asmx. The exploitation of this vulnerability might allow a remote attacker to obtain information.

Ссылки

https://www.incibe-cert.es/en/early-warning/security-advisories/tcman-gim-sql-improper-authentication
Third Party Advisory
https://www.incibe-cert.es/en/early-warning/security-advisories/tcman-gim-sql-improper-authentication
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:tcman:gim:8.0:*:*:*:*:*:*:*

cpe:2.3:a:tcman:gim:11.0:*:*:*:*:*:*:*

EPSS

Процентиль: 55%

0.00325

Низкий

7.5 High

CVSS3

5 Medium

CVSS2

Дефекты

CWE-287

CWE-287

Связанные уязвимости

GHSA-x5f7-m6j9-3793

github

около 4 лет назад

TCMAN GIM is vulnerable to a lack of authorization in all available webservice methods listed in /PC/WebService.asmx. The exploitation of this vulnerability might allow a remote attacker to obtain information.

EPSS

Процентиль: 55%

0.00325

Низкий

7.5 High

CVSS3

5 Medium

CVSS2

Дефекты

CWE-287

CWE-287