CVE-2021-32006

EPSS 0.62%
Veröffentlicht 10.03.2022 17:42:13
Zuletzt bearbeitet 21.11.2024 06:06:42
Quelle VulnerabilityReporting@secomea
CVE-Watchlists
Login
Unerledigt
Login

GateManager information leak for LinkManager Users

This issue affects: Secomea GateManager Version 9.6.621421014 and all prior versions. Permission Issues vulnerability in LinkManager web portal of Secomea GateManager allows logged in LinkManager user to access stored SiteManager backup files.

Betroffene Produkte Warnungen 0 Metriken 4 CWE 2 Referenzen 4

NVD 1 VulnDex Vulnerability Enrichment 0

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Secomea ≫ Gatemanager Version <= 9.6.621421014

Zu dieser CVE wurde keine Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.62%	0.447

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	4.3	2.8	1.4	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
nvd@nist.gov	4	8	2.9	AV:N/AC:L/Au:S/C:P/I:N/A:N
VulnerabilityReporting@secomea.com	5	3.1	1.4	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N

CWE-274 Improper Handling of Insufficient Privileges

The product does not handle or incorrectly handles when it has insufficient privileges to perform an operation, leading to resultant weaknesses.

CWE-276 Incorrect Default Permissions

During installation, installed file permissions are set to allow anyone to modify those files.

https://www.secomea.com/support/cybersecurity-advisory/

Vendor Advisory

Not Applicable

https://nvd.nist.gov/vuln/detail/CVE-2021-32006

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2021-32006

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2021-32006

EUVD

Team-orientierte Vulnerability Management Plattform

Features der Plattform

CVE-2021-32006