CVE-2021-32937

🗓️ 01 Apr 2022 22:17:07Reported by icscertType

An attacker can gain knowledge of a session temporary working folder in MDT AutoSave v6.02.0

Reporter	Title	Published	Views	Family All 9
CNNVD	MDT AutoSave 信息泄露漏洞	8 Jul 202100:00	–	cnnvd
Cvelist	CVE-2021-32937 MDT AutoSave Generation of Error Message Containing Sensitive Information	1 Apr 202222:17	–	cvelist
EUVD	EUVD-2021-19658	7 Oct 202500:30	–	euvd
ICS	MDT AutoSave	8 Jul 202100:00	–	ics
NVD	CVE-2021-32937	1 Apr 202223:15	–	nvd
OSV	CVE-2021-32937	1 Apr 202223:15	–	osv
Prion	Command injection	1 Apr 202223:15	–	prion
RedhatCVE	CVE-2021-32937	22 May 202521:19	–	redhatcve
Vulnrichment	CVE-2021-32937 MDT AutoSave Generation of Error Message Containing Sensitive Information	1 Apr 202222:17	–	vulnrichment

NVD

Vulners

Node

auvesy-mdt autosaveRange<6.02.06

auvesy-mdt autosaveRange7.00–7.04

auvesy-mdt autosave_for_system_platformRange<4.01

auvesy-mdt autosave_for_system_platformMatch5.00

[
  {
    "product": "MDT AutoSave",
    "vendor": "MDT Software",
    "versions": [
      {
        "lessThan": "6.02.06",
        "status": "affected",
        "version": "unspecified",
        "versionType": "custom"
      }
    ]
  },
  {
    "product": "MDT AutoSave",
    "vendor": "MDT Software",
    "versions": [
      {
        "lessThan": "7.04",
        "status": "affected",
        "version": "7.00",
        "versionType": "custom"
      }
    ]
  },
  {
    "product": "AutoSave for System Platform (A4SP)",
    "vendor": "MDT Software",
    "versions": [
      {
        "lessThan": "4.01",
        "status": "affected",
        "version": "unspecified",
        "versionType": "custom"
      }
    ]
  },
  {
    "product": "A4SP",
    "vendor": "MDT Software",
    "versions": [
      {
        "status": "affected",
        "version": "5.00"
      }
    ]
  }
]

Source	Link
cisa	www.cisa.gov/uscert/ics/advisories/icsa-21-189-02

21 Nov 2024 06:07Current

7.9High risk

Vulners AI Score7.9

CVSS 25

CVSS 3.17.5

EPSS0.00205

SSVC

CWE-209