Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cveMitreCVE-2021-37402
HistoryJul 22, 2021 - 5:15 p.m.

CVE-2021-37402

2021-07-2217:15:09
CWE-79
mitre
web.nvd.nist.gov
31
2
cve-2021-37402
ox app suite
xss
binary data
nvd

CVSS2

4.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

CVSS3

6.1

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

CHANGED

Confidentiality Impact

LOW

Integrity Impact

LOW

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

EPSS

0.001

Percentile

36.1%

JSON

OX App Suite before 7.10.3-rev32 and 7.10.4 before 7.10.4-rev18 allows XSS via binary data that is mishandled when the legacy dataretrieval endpoint has been enabled.

Affected configurations

Nvd
Node
open-xchangeopen-xchange_appsuiteMatch7.10.3-
OR
open-xchangeopen-xchange_appsuiteMatch7.10.3patch_release5547
OR
open-xchangeopen-xchange_appsuiteMatch7.10.3patch_release5572
OR
open-xchangeopen-xchange_appsuiteMatch7.10.3patch_release5623
OR
open-xchangeopen-xchange_appsuiteMatch7.10.3patch_release5653
OR
open-xchangeopen-xchange_appsuiteMatch7.10.3patch_release5677
OR
open-xchangeopen-xchange_appsuiteMatch7.10.3patch_release5720
OR
open-xchangeopen-xchange_appsuiteMatch7.10.3rev1
OR
open-xchangeopen-xchange_appsuiteMatch7.10.3rev10
OR
open-xchangeopen-xchange_appsuiteMatch7.10.3rev11
OR
open-xchangeopen-xchange_appsuiteMatch7.10.3rev12
OR
open-xchangeopen-xchange_appsuiteMatch7.10.3rev13
OR
open-xchangeopen-xchange_appsuiteMatch7.10.3rev14
OR
open-xchangeopen-xchange_appsuiteMatch7.10.3rev15
OR
open-xchangeopen-xchange_appsuiteMatch7.10.3rev16
OR
open-xchangeopen-xchange_appsuiteMatch7.10.3rev17
OR
open-xchangeopen-xchange_appsuiteMatch7.10.3rev18
OR
open-xchangeopen-xchange_appsuiteMatch7.10.3rev19
OR
open-xchangeopen-xchange_appsuiteMatch7.10.3rev2
OR
open-xchangeopen-xchange_appsuiteMatch7.10.3rev20
OR
open-xchangeopen-xchange_appsuiteMatch7.10.3rev21
OR
open-xchangeopen-xchange_appsuiteMatch7.10.3rev22
OR
open-xchangeopen-xchange_appsuiteMatch7.10.3rev23
OR
open-xchangeopen-xchange_appsuiteMatch7.10.3rev24
OR
open-xchangeopen-xchange_appsuiteMatch7.10.3rev25
OR
open-xchangeopen-xchange_appsuiteMatch7.10.3rev26
OR
open-xchangeopen-xchange_appsuiteMatch7.10.3rev27
OR
open-xchangeopen-xchange_appsuiteMatch7.10.3rev28
OR
open-xchangeopen-xchange_appsuiteMatch7.10.3rev29
OR
open-xchangeopen-xchange_appsuiteMatch7.10.3rev3
OR
open-xchangeopen-xchange_appsuiteMatch7.10.3rev30
OR
open-xchangeopen-xchange_appsuiteMatch7.10.3rev31
OR
open-xchangeopen-xchange_appsuiteMatch7.10.3rev4
OR
open-xchangeopen-xchange_appsuiteMatch7.10.3rev5
OR
open-xchangeopen-xchange_appsuiteMatch7.10.3rev6
OR
open-xchangeopen-xchange_appsuiteMatch7.10.3rev7
OR
open-xchangeopen-xchange_appsuiteMatch7.10.3rev8
OR
open-xchangeopen-xchange_appsuiteMatch7.10.3rev9
OR
open-xchangeopen-xchange_appsuiteMatch7.10.4-
OR
open-xchangeopen-xchange_appsuiteMatch7.10.4rev1
OR
open-xchangeopen-xchange_appsuiteMatch7.10.4rev10
OR
open-xchangeopen-xchange_appsuiteMatch7.10.4rev11
OR
open-xchangeopen-xchange_appsuiteMatch7.10.4rev12
OR
open-xchangeopen-xchange_appsuiteMatch7.10.4rev13
OR
open-xchangeopen-xchange_appsuiteMatch7.10.4rev14
OR
open-xchangeopen-xchange_appsuiteMatch7.10.4rev15
OR
open-xchangeopen-xchange_appsuiteMatch7.10.4rev16
OR
open-xchangeopen-xchange_appsuiteMatch7.10.4rev17
OR
open-xchangeopen-xchange_appsuiteMatch7.10.4rev2
OR
open-xchangeopen-xchange_appsuiteMatch7.10.4rev3
OR
open-xchangeopen-xchange_appsuiteMatch7.10.4rev4
OR
open-xchangeopen-xchange_appsuiteMatch7.10.4rev5
OR
open-xchangeopen-xchange_appsuiteMatch7.10.4rev6
OR
open-xchangeopen-xchange_appsuiteMatch7.10.4rev7
OR
open-xchangeopen-xchange_appsuiteMatch7.10.4rev8
OR
open-xchangeopen-xchange_appsuiteMatch7.10.4rev9
VendorProductVersionCPE
open-xchangeopen-xchange_appsuite7.10.3cpe:2.3:a:open-xchange:open-xchange_appsuite:7.10.3:-:*:*:*:*:*:*
open-xchangeopen-xchange_appsuite7.10.3cpe:2.3:a:open-xchange:open-xchange_appsuite:7.10.3:patch_release5547:*:*:*:*:*:*
open-xchangeopen-xchange_appsuite7.10.3cpe:2.3:a:open-xchange:open-xchange_appsuite:7.10.3:patch_release5572:*:*:*:*:*:*
open-xchangeopen-xchange_appsuite7.10.3cpe:2.3:a:open-xchange:open-xchange_appsuite:7.10.3:patch_release5623:*:*:*:*:*:*
open-xchangeopen-xchange_appsuite7.10.3cpe:2.3:a:open-xchange:open-xchange_appsuite:7.10.3:patch_release5653:*:*:*:*:*:*
open-xchangeopen-xchange_appsuite7.10.3cpe:2.3:a:open-xchange:open-xchange_appsuite:7.10.3:patch_release5677:*:*:*:*:*:*
open-xchangeopen-xchange_appsuite7.10.3cpe:2.3:a:open-xchange:open-xchange_appsuite:7.10.3:patch_release5720:*:*:*:*:*:*
open-xchangeopen-xchange_appsuite7.10.3cpe:2.3:a:open-xchange:open-xchange_appsuite:7.10.3:rev1:*:*:*:*:*:*
open-xchangeopen-xchange_appsuite7.10.3cpe:2.3:a:open-xchange:open-xchange_appsuite:7.10.3:rev10:*:*:*:*:*:*
open-xchangeopen-xchange_appsuite7.10.3cpe:2.3:a:open-xchange:open-xchange_appsuite:7.10.3:rev11:*:*:*:*:*:*
Rows per page:
1-10 of 561

Social References

More

Related

prion 1
cvelist 1
nvd 1
prion
prion
Design/Logic Flaw
2021-07-22 17:15:00
cvelist
cvelist
CVE-2021-37402
2021-07-22 16:19:12
nvd
nvd
CVE-2021-37402
2021-07-22 17:15:09

CVSS2

4.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

CVSS3

6.1

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

CHANGED

Confidentiality Impact

LOW

Integrity Impact

LOW

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

EPSS

0.001

Percentile

36.1%

JSON
Related for CVE-2021-37402
prion1cvelist1nvd1