CVE-2021-32949

🗓️ 01 Apr 2022 22:17:09Reported by icscertType

An attacker can change designated path in MDT AutoSave v6.02.06 to replace existing file with malicious file

Reporter	Title	Published	Views	Family All 10
Circl	CVE-2021-32949	2 Apr 202202:26	–	circl
CNNVD	MDT AutoSave 路径遍历漏洞	8 Jul 202100:00	–	cnnvd
Cvelist	CVE-2021-32949 MDT AutoSave Relative Path Traversal	1 Apr 202222:17	–	cvelist
EUVD	EUVD-2021-19670	7 Oct 202500:30	–	euvd
ICS	MDT AutoSave	8 Jul 202100:00	–	ics
NVD	CVE-2021-32949	1 Apr 202223:15	–	nvd
OSV	CVE-2021-32949	1 Apr 202223:15	–	osv
Prion	Path traversal	1 Apr 202223:15	–	prion
RedhatCVE	CVE-2021-32949	22 May 202521:17	–	redhatcve
Vulnrichment	CVE-2021-32949 MDT AutoSave Relative Path Traversal	1 Apr 202222:17	–	vulnrichment

NVD

Vulners

Node

auvesy-mdt autosaveRange<6.02.06

auvesy-mdt autosaveRange7.00–7.04

auvesy-mdt autosave_for_system_platformRange<4.01

auvesy-mdt autosave_for_system_platformMatch5.00

[
  {
    "product": "MDT AutoSave",
    "vendor": "MDT Software",
    "versions": [
      {
        "lessThan": "6.02.06",
        "status": "affected",
        "version": "unspecified",
        "versionType": "custom"
      }
    ]
  },
  {
    "product": "MDT AutoSave",
    "vendor": "MDT Software",
    "versions": [
      {
        "lessThan": "7.04",
        "status": "affected",
        "version": "7.00",
        "versionType": "custom"
      }
    ]
  },
  {
    "product": "AutoSave for System Platform (A4SP)",
    "vendor": "MDT Software",
    "versions": [
      {
        "lessThan": "4.01",
        "status": "affected",
        "version": "unspecified",
        "versionType": "custom"
      }
    ]
  },
  {
    "product": "A4SP",
    "vendor": "MDT Software",
    "versions": [
      {
        "status": "affected",
        "version": "5.00"
      }
    ]
  }
]

Source	Link
cisa	www.cisa.gov/uscert/ics/advisories/icsa-21-189-02

21 Nov 2024 06:07Current

7.5High risk

Vulners AI Score7.5

CVSS 25

CVSS 3.17.5

EPSS0.00298

SSVC