Lucene search
@huntrdevCVELIST:CVE-2021-4111HistoryDec 15, 2021 - 8:55 a.m.
CVE-2021-4111 Business Logic Errors in yetiforcecompany/yetiforcecrm
2021-12-1508:55:11
CWE-840
@huntrdev
www.cve.org
7
cve-2021-4111
business logic errors
yetiforcecompany/yetiforcecrm
CVSS3
7.3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
LOW
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
AI Score
4.9
Confidence
High
EPSS
0.001
Percentile
21.0%
yetiforcecrm is vulnerable to Business Logic Errors
CNA Affected
[
{
"product": "yetiforcecompany/yetiforcecrm",
"vendor": "yetiforcecompany",
"versions": [
{
"lessThan": "6.4.0",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
]Related
osv
osv
YetiForceCRM is vulnerable to Business Logic Errors because product amount can be a negative number
2021-12-16 21:01:15
CVE-2021-4111
2021-12-15 09:15:06
cve
cve
CVE-2021-4111
2021-12-15 09:15:06
nvd
nvd
CVE-2021-4111
2021-12-15 09:15:06
veracode
veracode
Denial Of Service (DoS)
2021-12-16 05:55:46
prion
prion
Code injection
2021-12-15 09:15:00
github
github
huntr
huntr
Business Logic Errors in yetiforcecompany/yetiforcecrm
2021-12-10 19:05:40
CVSS3
7.3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
LOW
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
AI Score
4.9
Confidence
High
EPSS
0.001
Percentile
21.0%
Related for CVELIST:CVE-2021-4111