Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

nvd логотип

CVE-2021-44523

Опубликовано: 14 дек. 2021
Источник: nvd
CVSS3: 9.1
CVSS2: 6.4
EPSS Низкий

Описание

A vulnerability has been identified in SiPass integrated V2.76 (All versions), SiPass integrated V2.80 (All versions), SiPass integrated V2.85 (All versions), Siveillance Identity V1.5 (All versions), Siveillance Identity V1.6 (All versions < V1.6.284.0). Affected applications insufficiently limit the access to the internal activity feed database. This could allow an unauthenticated remote attacker to read, modify or delete activity feed entries.

Ссылки

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:siemens:sipass_integrated:2.76:-:*:*:*:*:*:*
cpe:2.3:a:siemens:sipass_integrated:2.76:sp1:*:*:*:*:*:*
cpe:2.3:a:siemens:sipass_integrated:2.80:*:*:*:*:*:*:*
cpe:2.3:a:siemens:sipass_integrated:2.85:*:*:*:*:*:*:*
cpe:2.3:a:siemens:siveillance_identity:*:*:*:*:*:*:*:*
Версия от 1.6 (включая) до 1.6.280.0 (включая)
cpe:2.3:a:siemens:siveillance_identity:1.5:*:*:*:*:*:*:*

EPSS

Процентиль: 61%
0.0042
Низкий

9.1 Critical

CVSS3

6.4 Medium

CVSS2

Дефекты

CWE-668

Связанные уязвимости

github логотип

GHSA-wf58-48gj-3f44

github
около 4 лет назад

A vulnerability has been identified in SiPass integrated V2.76 (All versions), SiPass integrated V2.80 (All versions), SiPass integrated V2.85 (All versions), Siveillance Identity V1.5 (All versions), Siveillance Identity V1.6 (All versions < V1.6.284.0). Affected applications insufficiently limit the access to the internal activity feed database. This could allow an unauthenticated remote attacker to read, modify or delete activity feed entries.

EPSS

Процентиль: 61%
0.0042
Низкий

9.1 Critical

CVSS3

6.4 Medium

CVSS2

Дефекты

CWE-668