Lucene search

SecomeaCVELIST:CVE-2021-32006

HistoryMar 07, 2022 - 3:08 p.m.

CVE-2021-32006 GateManager information leak for LinkManager Users

2022-03-0715:08:16

CWE-274

CWE-275

Secomea

www.cve.org

5 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

LOW

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N

5.3 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

23.0%

JSON

This issue affects: Secomea GateManager Version 9.6.621421014 and all prior versions. Permission Issues vulnerability in LinkManager web portal of Secomea GateManager allows logged in LinkManager user to access stored SiteManager backup files.

CNA Affected

[
  {
    "product": "GateManager",
    "vendor": "Secomea",
    "versions": [
      {
        "lessThanOrEqual": "9.6.621421014",
        "status": "affected",
        "version": "All",
        "versionType": "custom"
      }
    ]
  }
]

References

www.secomea.com/support/cybersecurity-advisory/

5 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

LOW

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N

5.3 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

23.0%

JSON

Related for CVELIST:CVE-2021-32006