Lucene search

MitreCVELIST:CVE-2021-36382

HistoryJul 12, 2021 - 1:04 p.m.

CVE-2021-36382

2021-07-1213:04:50

mitre

www.cve.org

2.6 Low

CVSS3

Attack Vector

ADJACENT

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:A/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N

4.5 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

28.7%

JSON

Devolutions Server before 2021.1.18, and LTS before 2020.3.20, allows attackers to intercept private keys via a man-in-the-middle attack against the connections/partial endpoint (which accepts cleartext).

References

devolutions.net/security/advisories/DEVO-2021-0005

2.6 Low

CVSS3

Attack Vector

ADJACENT

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:A/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N

4.5 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

28.7%

JSON

Related for CVELIST:CVE-2021-36382