← Retour aux CVEs
CVE-2021-36723
MEDIUM6.1
Description
Emuse - eServices / eNvoice Exposure Of Private Personal Information due to lack of identification mechanisms and predictable IDs an attacker can scrape all the files on the service.
Details CVE
Score CVSS v3.16.1
SeveriteMEDIUM
Vecteur CVSSCVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:L/A:N
Vecteur d'attaqueLOCAL
ComplexiteLOW
Privileges requisNONE
Interaction utilisateurREQUIRED
Publie12/29/2021
Derniere modification11/21/2024
Sourcenvd
Observations honeypot0
Produits affectes
emuse_-_eservices_\/_envoice_project:emuse_-_eservices_\/_envoice
Faiblesses (CWE)
CWE-359CWE-200
References
https://www.gov.il/en/departments/faq/cve_advisories(cna@cyber.gov.il)
https://www.gov.il/en/departments/faq/cve_advisories(af854a3a-2127-422b-91ae-364da2661108)
Correlations IOC
Aucune correlation enregistree
This product uses data from the NVD API but is not endorsed or certified by the NVD.