Lucene search
K

64 matches found

Prion
Prion
added 2021/03/26 10:15 p.m.17 views

Design/Logic Flaw

wire-server is an open-source back end for Wire, a secure collaboration platform. In wire-server from version 2021-02-16 and before version 2021-03-02, the client metadata of all users was exposed in the GET /users/list-clients endpoint. The endpoint could be used by any logged in user who could...

4CVSS6.4AI score0.01093EPSS
Exploits0References3Affected Software1
Cvelist
Cvelist
added 2021/03/26 9:40 p.m.18 views

CVE-2021-21396 Bulk list client endpoint exposes too much metadata about a client

wire-server is an open-source back end for Wire, a secure collaboration platform. In wire-server from version 2021-02-16 and before version 2021-03-02, the client metadata of all users was exposed in the GET /users/list-clients endpoint. The endpoint could be used by any logged in user who could...

6.5CVSS6.6AI score0.01093EPSS
Exploits0References3
CVE
CVE
added 2021/03/26 9:40 p.m.233 views

CVE-2021-21396

The CVE-2021-21396 entry concerns wire-server, the backend for Wire. Affected version window is 2021-02-16 through 2021-03-02, where the GET /users/list-clients endpoint exposed client metadata for all users. Any logged-in user could request details of other users (no connection requirement) by g...

6.5CVSS6.4AI score0.01093EPSS
Exploits0References3Affected Software1
CNNVD
CNNVD
added 2021/03/26 12:0 a.m.6 views

wire-server 信息泄露漏洞

Wire is a chat software by an individual developer. The software supports Web, WindowsiOS, Android, and OS X platforms, has a group feature, allows voice calls, sends photos, and its original greeting method, PING. An information disclosure vulnerability exists in wire-server, which stems from th...

6.5CVSS6.5AI score0.01093EPSS
Exploits0References4
Rows per page
Query Builder