Lucene search
HistoryFeb 03, 2023 - 6:15 p.m.
CVE-2021-36544
cve-2021-36544
incorrect access control
tpcms 3.2
remote attack
sensitive information
nvd
7.5 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
7.3 High
AI Score
Confidence
High
0.002 Low
EPSS
Percentile
57.2%
Incorrect Access Control issue discovered in tpcms 3.2 allows remote attackers to view sensitive information via path in application URL.
Affected configurations
Node
tpcms_projecttpcmsMatch3.2
| CPE | Name | Operator | Version |
|---|---|---|---|
| tpcms_project:tpcms | tpcms project tpcms | eq | 3.2 |
Related
cvelist
cvelist
CVE-2021-36544
2023-02-03 00:00:00
cnvd
cnvd
TPCMS Access Control Error Vulnerability (CNVD-2023-09604)
2023-02-10 00:00:00
prion
prion
Improper access control
2023-02-03 18:15:00
nvd
nvd
CVE-2021-36544
2023-02-03 18:15:10
7.5 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
7.3 High
AI Score
Confidence
High
0.002 Low
EPSS
Percentile
57.2%
Related for CVE-2021-36544