Lucene search

MitreCVE-2021-3285

HistoryJan 26, 2021 - 6:16 p.m.

CVE-2021-3285

2021-01-2618:16:29

CWE-295

mitre

web.nvd.nist.gov

cve-2021-3285

jxbrowser

code composer studio

ide

https

x.509 certificate

security vulnerability

CVSS2

4.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

CVSS3

5.3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

LOW

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N

AI Score

6.4

Confidence

High

EPSS

0.001

Percentile

35.9%

JSON

jxbrowser in TI Code Composer Studio IDE 8.x through 10.x before 10.1.1 does not verify X.509 certificates for HTTPS.

Affected configurations

Nvd

Node

ticode_composer_studio_intgrated_development_environmentRange8.0.0–10.1.1

VendorProductVersionCPE
ticode_composer_studio_intgrated_development_environment*cpe:2.3:a:ti:code_composer_studio_intgrated_development_environment:*:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
ti	code_composer_studio_intgrated_development_environment	*	cpe:2.3:a:ti:code_composer_studio_intgrated_development_environment::::::::

References

sir.ext.ti.com/jira/browse/EXT_EP-10212

Social References

CVSS2

4.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

CVSS3

5.3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

LOW

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N

AI Score

6.4

Confidence

High

EPSS

0.001

Percentile

35.9%

JSON

Related for CVE-2021-3285