CVE-2021-27664
Description
Under certain configurations an unauthenticated remote user could be given access to credentials stored in the exacqVision Server.
References
MitigationThird Party AdvisoryUS Government Resource
Vendor Advisory
CvssV3 impact
BaseSeverity | CRITICAL |
ConfidentialityImpact | HIGH |
AttackComplexity | LOW |
Scope | UNCHANGED |
AttackVector | NETWORK |
AvailabilityImpact | HIGH |
IntegrityImpact | HIGH |
PrivilegesRequired | NONE |
BaseScore | 9.8 |
VectorString | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
Version | 3.1 |
UserInteraction | NONE |
CvssV2 impact
AccessComplexity | MEDIUM |
ConfidentialityImpact | PARTIAL |
AvailabilityImpact | PARTIAL |
IntegrityImpact | PARTIAL |
BaseScore | 6.8 |
VectorString | AV:N/AC:M/Au:N/C:P/I:P/A:P |
Version | 2.0 |
AccessVector | NETWORK |
Authentication | NONE |