CVE-2021-34823

{"id": "CVE-2021-34823", "cveTags": [], "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 6.4, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:N", "authentication": "NONE", "integrityImpact": "PARTIAL", "accessComplexity": "LOW", "availabilityImpact": "NONE", "confidentialityImpact": "PARTIAL"}, "acInsufInfo": false, "impactScore": 4.9, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 10.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}], "cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 9.1, "attackVector": "NETWORK", "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 5.2, "exploitabilityScore": 3.9}]}, "published": "2021-08-13T17:15:16.527", "references": [{"url": "https://www.trustwave.com/en-us/resources/security-resources/security-advisories/", "tags": ["Third Party Advisory"], "source": "cve@mitre.org"}, {"url": "https://www.trustwave.com/en-us/resources/security-resources/security-advisories/?fid=29105", "tags": ["Third Party Advisory"], "source": "cve@mitre.org"}, {"url": "https://www.trustwave.com/en-us/resources/security-resources/security-advisories/", "tags": ["Third Party Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://www.trustwave.com/en-us/resources/security-resources/security-advisories/?fid=29105", "tags": ["Third Party Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-611"}]}], "descriptions": [{"lang": "en", "value": "The ON24 ScreenShare (aka DesktopScreenShare.app) plugin before 2.0 for macOS allows remote file access via its built-in HTTP server. This allows unauthenticated remote users to retrieve files accessible to the logged-on macOS user. When a remote user sends a crafted HTTP request to the server, it triggers a code path that will download a configuration file from a specified remote machine over HTTP. There is an XXE flaw in processing of this configuration file that allows reading local (to macOS) files and uploading them to remote machines."}, {"lang": "es", "value": "El plugin ON24 ScreenShare (tambi\u00e9n se conoce como DesktopScreenShare.app) versiones anteriores a 2.0 para macOS permite el acceso remoto a archivos por medio de su servidor HTTP incorporado. Esto permite a usuarios remotos no autenticados recuperar archivos accesibles para el usuario de macOS que ha iniciado la sesi\u00f3n. Cuando un usuario remoto env\u00eda una petici\u00f3n HTTP dise\u00f1ada al servidor, desencadena una ruta de c\u00f3digo que descargar\u00e1 un archivo de configuraci\u00f3n de una m\u00e1quina remota especificada a trav\u00e9s de HTTP. Se presenta un fallo de tipo XXE en el procesamiento de este archivo de configuraci\u00f3n que permite leer archivos locales (para macOS) y cargarlos en m\u00e1quinas remotas."}], "lastModified": "2024-11-21T06:11:16.377", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:on24:screenshare:*:*:*:*:*:macos:*:*", "vulnerable": true, "matchCriteriaId": "686D66ED-B4D7-4770-B983-5D2FF7E2AE2E", "versionEndExcluding": "2.0"}], "operator": "OR"}]}], "sourceIdentifier": "cve@mitre.org"}