Lucene search

MitreCVE-2021-22267

HistoryFeb 09, 2021 - 7:15 p.m.

CVE-2021-22267

2021-02-0919:15:13

CWE-294

mitre

web.nvd.nist.gov

cve

2021

22267

remote replay attack

idelji web viewpoint suite

hpe nonstop

t0320l01

t0952l01

t0986l01

t0665l01

t0662l01

t0320h01

t0952h01

t0986h01

t0665h01

t0662h01

CVSS2

4.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:M/Au:N/C:P/I:N/A:N

CVSS3

5.9

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N

AI Score

5.8

Confidence

High

EPSS

0.002

Percentile

52.8%

JSON

Idelji Web ViewPoint Suite, as used in conjunction with HPE NonStop, allows a remote replay attack for T0320L01^ABP through T0320L01^ABZ, T0952L01^AAH through T0952L01^AAR, T0986L01 through T0986L01^AAF, T0665L01^AAP, and T0662L01^AAP (L) and T0320H01^ABO through T0320H01^ABY, T0952H01^AAG through T0952H01^AAQ, T0986H01 through T0986H01^AAE, T0665H01^AAO, and T0662H01^AAO (J and H).

Affected configurations

Nvd

Node

hpenonstopMatch-

AND

hpeweb_viewpointRange06.03–06.23.01

hpeweb_viewpointRange15.08.00–19.08.00

hpeweb_viewpointRanget0320h01\^abw–t0320h01\^acc

hpeweb_viewpointRanget0952h01\^aaq–t0952h01\^aaw

hpeweb_viewpointRanget0952l01\^aar–t0952l01\^aax

hpeweb_viewpointRanget0986h01\^aac–t0986h01\^aai

hpeweb_viewpointRanget0986l01\^aad–t0986l01\^aaj

hpeweb_viewpointMatch15.02.00

hpeweb_viewpointMatch15.02.01

hpeweb_viewpointMatcht0320l01\^aby

hpeweb_viewpointMatcht0320l01\^acd

VendorProductVersionCPE
hpenonstop-cpe:2.3:a:hpe:nonstop:-:*:*:*:*:*:*:*
hpeweb_viewpoint*cpe:2.3:a:hpe:web_viewpoint:*:*:*:*:*:*:*:*
hpeweb_viewpoint15.02.00cpe:2.3:a:hpe:web_viewpoint:15.02.00:*:*:*:*:*:*:*
hpeweb_viewpoint15.02.01cpe:2.3:a:hpe:web_viewpoint:15.02.01:*:*:*:*:*:*:*
hpeweb_viewpointt0320l01^abycpe:2.3:a:hpe:web_viewpoint:t0320l01\^aby:*:*:*:*:*:*:*
hpeweb_viewpointt0320l01^acdcpe:2.3:a:hpe:web_viewpoint:t0320l01\^acd:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
hpe	nonstop	-	cpe:2.3:a:hpe:nonstop:-:::::::*
hpe	web_viewpoint	*	cpe:2.3:a:hpe:web_viewpoint::::::::
hpe	web_viewpoint	15.02.00	cpe:2.3:a:hpe:web_viewpoint:15.02.00:::::::*
hpe	web_viewpoint	15.02.01	cpe:2.3:a:hpe:web_viewpoint:15.02.01:::::::*
hpe	web_viewpoint	t0320l01^aby	cpe:2.3:a:hpe:web_viewpoint:t0320l01\^aby:::::::*
hpe	web_viewpoint	t0320l01^acd	cpe:2.3:a:hpe:web_viewpoint:t0320l01\^acd:::::::*

References

idelji.com

support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=hpesbns04076en_us

techpartner.ext.hpe.com/TechPartner/PartnerDetail.xhtml?Partner=Idelji

CVSS2

4.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:M/Au:N/C:P/I:N/A:N

CVSS3

5.9

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N

AI Score

5.8

Confidence

High

EPSS

0.002

Percentile

52.8%

JSON

Related for CVE-2021-22267