Total
4017 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2021-44467 | 1 Lannerinc | 2 Iac-ast2500a, Iac-ast2500a Firmware | 2024-11-21 | N/A | 5.3 MEDIUM |
| A broken access control vulnerability in the KillDupUsr_func function of spx_restservice allows an attacker to arbitrarily terminate active sessions of other users, causing a Denial-of-Service (DoS) condition, if an input parameter is correctly guessed. This issue affects: Lanner Inc IAC-AST2500A standard firmware version 1.10.0. | |||||
| CVE-2021-44460 | 1 Odoo | 1 Odoo | 2024-11-21 | N/A | 6.5 MEDIUM |
| Improper access control in Odoo Community 13.0 and earlier and Odoo Enterprise 13.0 and earlier allows users with deactivated accounts to access the system with the deactivated account and any permission it still holds, via crafted RPC requests. | |||||
| CVE-2021-43986 | 1 Fanuc | 1 Roboguide | 2024-11-21 | 4.4 MEDIUM | 6.0 MEDIUM |
| The setup program for the affected product configures its files and folders with full access, which may allow unauthorized users permission to replace original binaries and achieve privilege escalation. | |||||
| CVE-2021-42855 | 1 Riverbed | 1 Steelcentral Appinternals Dynamic Sampling Agent | 2024-11-21 | 4.6 MEDIUM | 7.8 HIGH |
| It was discovered that the SteelCentral AppInternals Dynamic Sampling Agent (DSA) uses the ".debug_command.config" file to store a json string that contains a list of IDs and pre-configured commands. The config file is subsequently used by the "/api/appInternals/1.0/agent/configuration" API to map the corresponding ID to a command to be executed. | |||||
| CVE-2021-42808 | 2 Microsoft, Thalesgroup | 2 Windows, Sentinel Protection Installer | 2024-11-21 | 7.2 HIGH | 6.5 MEDIUM |
| Improper Access Control in Thales Sentinel Protection Installer could allow a local user to escalate privileges. | |||||
| CVE-2021-42360 | 1 Brainstormforce | 1 Starter Templates | 2024-11-21 | 3.5 LOW | 7.6 HIGH |
| On sites that also had the Elementor plugin for WordPress installed, it was possible for users with the edit_posts capability, which includes Contributor-level users, to import blocks onto any page using the astra-page-elementor-batch-process AJAX action. An attacker could craft and host a block containing malicious JavaScript on a server they controlled, and then use it to overwrite any post or page by sending an AJAX request with the action set to astra-page-elementor-batch-process and the url parameter pointed to their remotely-hosted malicious block, as well as an id parameter containing the post or page to overwrite. Any post or page that had been built with Elementor, including published pages, could be overwritten by the imported block, and the malicious JavaScript in the imported block would then be executed in the browser of any visitors to that page. | |||||
| CVE-2021-42359 | 1 Legalweb | 1 Wp Dsgvo Tools | 2024-11-21 | 6.4 MEDIUM | 7.5 HIGH |
| WP DSGVO Tools (GDPR) <= 3.1.23 had an AJAX action, ‘admin-dismiss-unsubscribe‘, which lacked a capability check and a nonce check and was available to unauthenticated users, and did not check the post type when deleting unsubscription requests. As such, it was possible for an attacker to permanently delete an arbitrary post or page on the site by sending an AJAX request with the “action” parameter set to “admin-dismiss-unsubscribe” and the “id” parameter set to the post to be deleted. Sending such a request would move the post to the trash, and repeating the request would permanently delete the post in question. | |||||
| CVE-2021-42124 | 1 Ivanti | 1 Avalanche | 2024-11-21 | 6.5 MEDIUM | 8.8 HIGH |
| An improper access control vulnerability exists in Ivanti Avalanche before 6.3.3 allows an attacker with access to the Inforail Service to perform a session takeover. | |||||
| CVE-2021-42116 | 1 Businessdnasolutions | 1 Topease | 2024-11-21 | 4.0 MEDIUM | 4.3 MEDIUM |
| Incorrect Access Control in Web Applications operating on Business-DNA Solutions GmbH’s TopEase® Platform Version <= 7.1.27 allows an authenticated remote attacker to view the Shape Editor and Settings, which are functionality for higher privileged users, via identifying said components in the front-end source code or other means. | |||||
| CVE-2021-42029 | 1 Siemens | 71 Simatic S7-1200 Cpu, Simatic S7-1200 Cpu 1211c, Simatic S7-1200 Cpu 1212c and 68 more | 2024-11-21 | 7.2 HIGH | 7.8 HIGH |
| A vulnerability has been identified in SIMATIC STEP 7 (TIA Portal) V15 (All versions), SIMATIC STEP 7 (TIA Portal) V16 (All versions < V16 Update 5), SIMATIC STEP 7 (TIA Portal) V17 (All versions < V17 Update 2). An attacker could achieve privilege escalation on the web server of certain devices due to improper access control vulnerability in the engineering system software. The attacker needs to have direct access to the impacted web server. | |||||
| CVE-2021-41834 | 1 Jfrog | 1 Artifactory | 2024-11-21 | 4.0 MEDIUM | 5.3 MEDIUM |
| JFrog Artifactory prior to version 7.28.0 and 6.23.38, is vulnerable to Broken Access Control, the copy functionality can be used by a low-privileged user to read and copy any artifact that exists in the Artifactory deployment due to improper permissions validation. | |||||
| CVE-2021-41543 | 1 Siemens | 2 Climatix Pol909, Climatix Pol909 Firmware | 2024-11-21 | 4.0 MEDIUM | 6.5 MEDIUM |
| A vulnerability has been identified in Climatix POL909 (AWB module) (All versions < V11.44), Climatix POL909 (AWM module) (All versions < V11.36). The handling of log files in the web application of affected devices contains an information disclosure vulnerability which could allow logged in users to access sensitive files. | |||||
| CVE-2021-41298 | 1 Ecoa | 5 Ecs Router Controller-ecs, Ecs Router Controller-ecs Firmware, Riskbuster and 2 more | 2024-11-21 | 6.5 MEDIUM | 8.8 HIGH |
| ECOA BAS controller is vulnerable to insecure direct object references that occur when the application provides direct access to objects based on user-supplied input. As a result of this vulnerability, attackers with general user's privilege can remotely bypass authorization and access the hidden resources in the system and execute privileged functionalities. | |||||
| CVE-2021-41194 | 1 Jupyterhub | 1 First Use Authenticator | 2024-11-21 | 6.8 MEDIUM | 9.1 CRITICAL |
| FirstUseAuthenticator is a JupyterHub authenticator that helps new users set their password on their first login to JupyterHub. When JupyterHub is used with FirstUseAuthenticator, a vulnerability in versions prior to 1.0.0 allows unauthorized access to any user's account if `create_users=True` and the username is known or guessed. One may upgrade to version 1.0.0 or apply a patch manually to mitigate the vulnerability. For those who cannot upgrade, there is no complete workaround, but a partial mitigation exists. One can disable user creation with `c.FirstUseAuthenticator.create_users = False`, which will only allow login with fully normalized usernames for already existing users prior to jupyterhub-firstuserauthenticator 1.0.0. If any users have never logged in with their normalized username (i.e. lowercase), they will still be vulnerable until a patch or upgrade occurs. | |||||
| CVE-2021-40699 | 1 Adobe | 1 Coldfusion | 2024-11-21 | N/A | 7.4 HIGH |
| ColdFusion version 2021 update 1 (and earlier) and versions 2018.10 (and earlier) are impacted by an improper access control vulnerability when checking permissions in the CFIDE path. An authenticated attacker could leverage this vulnerability to access and manipulate arbitrary data on the environment. | |||||
| CVE-2021-40416 | 1 Reolink | 2 Rlc-410w, Rlc-410w Firmware | 2024-11-21 | 6.5 MEDIUM | 8.8 HIGH |
| An incorrect default permission vulnerability exists in the cgiserver.cgi cgi_check_ability functionality of reolink RLC-410W v3.0.0.136_20121102. All the Get APIs that are not included in cgi_check_ability are already executable by any logged-in users. An attacker can send an HTTP request to trigger this vulnerability. | |||||
| CVE-2021-40415 | 1 Reolink | 2 Rlc-410w, Rlc-410w Firmware | 2024-11-21 | 6.8 MEDIUM | 6.5 MEDIUM |
| An incorrect default permission vulnerability exists in the cgiserver.cgi cgi_check_ability functionality of reolink RLC-410W v3.0.0.136_20121102. In cgi_check_ability the Format API does not have a specific case, the user permission will default to 7. This will give non-administrative users the possibility to format the SD card and reboot the device. | |||||
| CVE-2021-40414 | 1 Reolink | 2 Rlc-410w, Rlc-410w Firmware | 2024-11-21 | 5.5 MEDIUM | 7.1 HIGH |
| An incorrect default permission vulnerability exists in the cgiserver.cgi cgi_check_ability functionality of reolink RLC-410W v3.0.0.136_20121102. The SetMdAlarm API sets the movement detection parameters, giving the ability to set the sensitivity of the camera per a range of hours, and which of the camera spaces to ignore when considering movement detection. Because in cgi_check_ability the SetMdAlarm API does not have a specific case, the user permission will default to 7. This will give non-administrative users the possibility to change the movement detection parameters. | |||||
| CVE-2021-40413 | 1 Reolink | 2 Rlc-410w, Rlc-410w Firmware | 2024-11-21 | 6.5 MEDIUM | 7.1 HIGH |
| An incorrect default permission vulnerability exists in the cgiserver.cgi cgi_check_ability functionality of reolink RLC-410W v3.0.0.136_20121102. The UpgradePrepare is the API that checks if a provided filename identifies a new version of the RLC-410W firmware. If the version is new, it would be possible, allegedly, to later on perform the Upgrade. An attacker can send an HTTP request to trigger this vulnerability. | |||||
| CVE-2021-40405 | 1 Reolink | 2 Rlc-410w, Rlc-410w Firmware | 2024-11-21 | 6.8 MEDIUM | 6.5 MEDIUM |
| A denial of service vulnerability exists in the cgiserver.cgi Upgrade API functionality of Reolink RLC-410W v3.0.0.136_20121102. A specially-crafted HTTP request can lead to a reboot. An attacker can send an HTTP request to trigger this vulnerability. | |||||