Lucene search

[email protected]NVD:CVE-2021-25856

HistoryAug 11, 2023 - 2:15 p.m.

CVE-2021-25856

2023-08-1114:15:12

[email protected]

web.nvd.nist.gov

cve-2021-25856

file deletion

images.php

CVSS3

4.9

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

HIGH

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

HIGH

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N

AI Score

5.1

Confidence

High

EPSS

0.001

Percentile

24.0%

JSON

An issue was discovered in pcmt superMicro-CMS version 3.11, allows attackers to delete files via crafted image file in images.php.

Affected configurations

Nvd

Node

supermicro-cms_projectsupermicro-cmsMatch3.11

VendorProductVersionCPE
supermicro-cms_projectsupermicro-cms3.11cpe:2.3:a:supermicro-cms_project:supermicro-cms:3.11:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
supermicro-cms_project	supermicro-cms	3.11	cpe:2.3:a:supermicro-cms_project:supermicro-cms:3.11:::::::*

References

github.com/pcmt/superMicro-CMS/issues/1

CVSS3

4.9

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

HIGH

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

HIGH

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N

AI Score

5.1

Confidence

High

EPSS

0.001

Percentile

24.0%

JSON

Related for NVD:CVE-2021-25856

cve1 prion1 cvelist1