CVE-2021-4089

Опубликовано: 10 дек. 2021

Источник: nvd

CVSS3: 4.3

CVSS2: 4

EPSS Низкий

Описание

snipe-it is vulnerable to Improper Access Control

Ссылки

https://github.com/snipe/snipe-it/commit/1699c09758e56f740437674a8d6ba36443399f24
Patch
Third Party Advisory
https://huntr.dev/bounties/19453ef1-4d77-4cff-b7e8-1bc8f3af0862
Exploit
Issue Tracking
Patch
Third Party Advisory
https://github.com/snipe/snipe-it/commit/1699c09758e56f740437674a8d6ba36443399f24
Patch
Third Party Advisory
https://huntr.dev/bounties/19453ef1-4d77-4cff-b7e8-1bc8f3af0862
Exploit
Issue Tracking
Patch
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:snipeitapp:snipe-it:*:*:*:*:*:*:*:*

Версия до 5.3.3 (включая)

EPSS

Процентиль: 45%

0.00223

Низкий

4.3 Medium

CVSS3

4.3 Medium

CVSS3

4 Medium

CVSS2

Дефекты

CWE-284

CWE-862

Связанные уязвимости

CVE-2021-4089

CVSS3: 4.3

debian

около 4 лет назад

snipe-it is vulnerable to Improper Access Control

GHSA-9vwf-54m9-gc4f

CVSS3: 4.3

github

около 4 лет назад

snipe-it is vulnerable to Improper Access Control

EPSS

Процентиль: 45%

0.00223

Низкий

4.3 Medium

CVSS3

4.3 Medium

CVSS3

4 Medium

CVSS2

Дефекты

CWE-284

CWE-862