Lucene search

[email protected]CVE-2021-27761

HistoryMay 06, 2022 - 6:15 p.m.

CVE-2021-27761

2022-05-0618:15:00

CWE-326

[email protected]

web.nvd.nist.gov

cve

2021

27761

weak tls

vulnerability

nvd

web transport security

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

7.5 High

AI Score

Confidence

High

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

0.002 Low

EPSS

Percentile

51.0%

JSON

Weak web transport security (Weak TLS): An attacker may be able to decrypt the data using attacks

CPENameOperatorVersion
hcltech:bigfix_platformhcltech bigfix platformlt9.5.19
hcltech:bigfix_platformhcltech bigfix platformlt10.0.6

CPE	Name	Operator	Version
hcltech:bigfix_platform	hcltech bigfix platform	lt	9.5.19
hcltech:bigfix_platform	hcltech bigfix platform	lt	10.0.6

References

support.hcltechsw.com/csm?id=kb_article&sysparm_article=KB0098116

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

7.5 High

AI Score

Confidence

High

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

0.002 Low

EPSS

Percentile

51.0%

JSON

Related for CVE-2021-27761

prion1 cvelist1