Lucene search
MitreCVE-2021-45789HistorySep 29, 2022 - 3:15 a.m.
CVE-2021-45789
2022-09-2903:15:14
mitre
web.nvd.nist.gov
17
4
cve-2021-45789
metersphere
arbitrary file read
vulnerability
file download
nvd
CVSS3
6.5
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
AI Score
6.3
Confidence
High
EPSS
0.001
Percentile
32.8%
An arbitrary file read vulnerability was found in Metersphere v1.15.4, where authenticated users can read any file on the server via the file download function.
Affected configurations
Node
meterspheremetersphereMatch1.15.4
| Vendor | Product | Version | CPE |
|---|---|---|---|
| metersphere | metersphere | 1.15.4 | cpe:2.3:a:metersphere:metersphere:1.15.4:*:*:*:*:*:*:* |
Social References
More
Related
cvelist
cvelist
CVE-2021-45789
2021-12-27 11:51:55
osv
osv
CVE-2021-45789
2022-09-29 03:15:14
prion
prion
Arbitrary file deletion
2022-09-29 03:15:00
nvd
nvd
CVE-2021-45789
2022-09-29 03:15:14
CVSS3
6.5
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
AI Score
6.3
Confidence
High
EPSS
0.001
Percentile
32.8%
Related for CVE-2021-45789