CVE-2021-27233

{"id": "CVE-2021-27233", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 4.0, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:S/C:P/I:N/A:N", "authentication": "SINGLE", "integrityImpact": "NONE", "accessComplexity": "LOW", "availabilityImpact": "NONE", "confidentialityImpact": "PARTIAL"}, "acInsufInfo": false, "impactScore": 2.9, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 8.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}], "cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 4.9, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "HIGH", "confidentialityImpact": "HIGH"}, "impactScore": 3.6, "exploitabilityScore": 1.2}]}, "published": "2021-02-16T04:15:12.923", "references": [{"url": "https://www.mutare.com/security-adv-mutare-2021-004-mutare-voice/", "tags": ["Vendor Advisory"], "source": "cve@mitre.org"}, {"url": "https://www.mutare.com/security-adv-mutare-2021-004-mutare-voice/", "tags": ["Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-312"}]}], "descriptions": [{"lang": "en", "value": "An issue was discovered in Mutare Voice (EVM) 3.x before 3.3.8. On the admin portal of the web application, password information for external systems is visible in cleartext. The Settings.asp page is affected by this issue."}, {"lang": "es", "value": "Se detect\u00f3 un problema en Mutare Voice (EVM) versiones 3.x anteriores a 3.3.8. En el portal de administraci\u00f3n de la aplicaci\u00f3n web, la informaci\u00f3n de la contrase\u00f1a para sistemas externos es visible en texto sin cifrar. La p\u00e1gina Settings.asp est\u00e1 afectada por este problema"}], "lastModified": "2024-11-21T05:57:39.117", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:mutare:voice:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "8A1EA71C-BD80-41D2-BD7E-8B9F30E758A3", "versionEndExcluding": "3.3.8", "versionStartIncluding": "3.0.0"}], "operator": "OR"}]}], "sourceIdentifier": "cve@mitre.org"}