CVE-2021-43978

Опубликовано: 08 дек. 2021

Источник: nvd

CVSS3: 7.1

CVSS3: 8.1

CVSS2: 5.5

EPSS Низкий

Описание

Allegro WIndows 3.3.4152.0, embeds software administrator database credentials into its binary files, which allows users to access and modify data using the same credentials.

Ссылки

https://cds.thalesgroup.com/en/tcs-cert/CVE-2021-43978
https://excellium-services.com/cert-xlm-advisory/CVE-2021-43978
Patch
Third Party Advisory
https://www.allegro.be/
Vendor Advisory
https://excellium-services.com/cert-xlm-advisory/CVE-2021-43978
Patch
Third Party Advisory
https://www.allegro.be/
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:allegro:allegro:3.3.4152.0:*:*:*:*:windows:*:*

EPSS

Процентиль: 45%

0.0022

Низкий

7.1 High

CVSS3

8.1 High

CVSS3

5.5 Medium

CVSS2

Дефекты

CWE-522

Связанные уязвимости

GHSA-x8r9-m3mh-g58r

CVSS3: 8.1

github

около 4 лет назад

Allegro WIndows 3.3.4152.0, embeds software administrator database credentials into its binary files, which allows users to access and modify data using the same credentials.

EPSS

Процентиль: 45%

0.0022

Низкий

7.1 High

CVSS3

8.1 High

CVSS3

5.5 Medium

CVSS2

Дефекты

CWE-522