Lucene search

MitreCVE-2021-39285

HistorySep 07, 2021 - 1:15 p.m.

CVE-2021-39285

2021-09-0713:15:08

CWE-79

mitre

web.nvd.nist.gov

cve-2021-39285

xss

versa director

security

vulnerability

CVSS2

4.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

CVSS3

6.1

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

CHANGED

Confidentiality Impact

LOW

Integrity Impact

LOW

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

AI Score

5.9

Confidence

High

EPSS

0.001

Percentile

44.6%

JSON

A XSS vulnerability exists in Versa Director Release: 16.1R2 Build: S8. An attacker can use the administration web interface URL to create a XSS based attack.

Affected configurations

Nvd

Node

versa-networksversa_directorMatch16.1r2build_s8

VendorProductVersionCPE
versa-networksversa_director16.1r2cpe:2.3:a:versa-networks:versa_director:16.1r2:build_s8:*:*:*:*:*:*

Vendor	Product	Version	CPE
versa-networks	versa_director	16.1r2	cpe:2.3:a:versa-networks:versa_director:16.1r2:build_s8::::::

References

github.com/pbgt/CVEs/blob/main/CVE-2021-39285.md

versa-networks.com

CVSS2

4.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

CVSS3

6.1

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

CHANGED

Confidentiality Impact

LOW

Integrity Impact

LOW

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

AI Score

5.9

Confidence

High

EPSS

0.001

Percentile

44.6%

JSON

Related for CVE-2021-39285