CVE-2021-32544 - Alert Detail - Security Database

5.4 - CVE-2021-32544 · Executive Summary · Security-Database Scoring CVSS v3 · Security-Database Scoring CVSS v2 · Detail · Original Source · CWE : Common Weakness ... Login |SearchHomeServicesSecurityDashboardvDNAMonitoringFeaturesvDNAMonitoringPricesAlertsAllAlertscveMicrosoft(Bulletin)Microsoft(SA)DebianMandrivaRedHatVU-CERTCiscoSunUbuntuGentooUS-CERTVMwareHPResourcesvDNA:VulnerabilityDNAAPIvDNA:VulnerabilityDNAAPIDocumentationCWE:CommonWeaknessEnumerationCAPEC:CommonPatternEnumerationDPE:DefaultPasswordEnumerationCPE:CommonPlateformEnumerationOVALRepositoryOVALDefinitionsCVSSv2CalculatorCVSSv3CalculatorBlogAboutUSAboutusContactsCVE:CommonVulnerabilityEnumerationCAPEC:CommonPatternEnumerationCWE:CommonWeaknessEnumerationOVAL:OpenVulnerabilityandAssessmentLanguage 5.4-CVE-2021-32544ExecutiveSummaryThisAlertisflaggedasTOP25CommonWeaknessEnumerationfromCWE/SANS.Formoreinformation,youcanreadthis.InformationsNameCVE-2021-32544FirstvendorPublication2021-05-11VendorCveLastvendorModification2021-05-14Security-DatabaseScoringCVSSv3Cvssvector:CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:NOverallCVSSScore5.4BaseScore5.4EnvironmentalScore5.4impactSubScore2.7TemporalScore5.4ExploitabalitySubScore2.3 AttackVectorNetworkAttackComplexityLowPrivilegesRequiredLowUserInteractionRequiredScopeChangedConfidentialityImpactLowIntegrityImpactLowAvailabilityImpactNoneCalculatefullCVSS3.0VectorsscoresSecurity-DatabaseScoringCVSSv2Cvssvector:(AV:N/AC:M/Au:S/C:N/I:P/A:N)CvssBaseScore3.5AttackRangeNetworkCvssImpactScore2.9AttackComplexityMediumCvssExpoitScore6.8AuthenticationRequiressingleinstanceCalculatefullCVSS2.0VectorsscoresDetailSpecialcharactersofIGTsearchfunctioninigt+arenotfilteredinspecificfields,whichallowremoteauthenticatedattackerscaninjectmaliciousJavaScriptandcarryoutDOM-basedXSS(Cross-sitescripting)attacks.OriginalSource Url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-32544CWE:CommonWeaknessEnumeration%IdName100%CWE-79FailuretoPreserveWebPageStructure('Cross-siteScripting') (CWE/SANSTop25)CPE:CommonPlatformEnumerationTypeDescriptionCountApplicationIgt+ProjectIgt+cpe:2.3:a:igt+_project:igt+:-:*:*:*:*:*:*:*1Sources(Detail)SourceUrlCONFIRMhttps://www.twcert.org.tw/tw/cp-132-4719-e298a-1.htmlAlertHistory Ifyouwanttoseefulldetailshistory,pleaseloginorregister. What'syourEmail?What'syourPassword?DateInformations02021-05-1500:22:48MultipleUpdates12021-05-1201:39:10MultipleUpdates22021-05-1201:39:08MultipleUpdates32021-05-1117:22:49MultipleUpdates42021-05-1112:38:50FirstinsertionGlobalInformationsTypeCountCWEID(s)1CPEID(s)1Sources(s)1RelatedN/AOpenStandardsPrevCVECommonVulnerabilityEnumerationCWECommonWeaknessEnumerationCPECommonPlateformEnumerationNextCOMPANYSecurity-DatabasehelpyourcorporationforeseeandavoidanysecurityrisksthatmayimpactyourITinfrastructureandbusinessapplications.STANDARDSRECENTPOSTSWorkingonCommonVulnerabilityScoringSystemv3integration01August2016CPEDeprecatedDictionaryintegration28June2016MENUCopyrightSecurity-Database2006-2022-Poweredbythemself;)in 0.0258s Facebookrsstwitterlinkedinmail