← Voltar para CVEs
CVE-2021-1537
MEDIUM6.2
Descricao
A vulnerability in the installer software of Cisco ThousandEyes Recorder could allow an unauthenticated, local attacker to access sensitive information that is contained in the ThousandEyes Recorder installer software. This vulnerability exists because sensitive information is included in the application installer. An attacker could exploit this vulnerability by downloading the installer and extracting its contents. A successful exploit could allow the attacker to access sensitive information that is included in the application installer.
Detalhes CVE
Pontuacao CVSS v3.16.2
SeveridadeMEDIUM
Vetor CVSSCVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Vetor de ataqueLOCAL
ComplexidadeLOW
Privilegios necessariosNONE
Interacao do usuarioNONE
Publicado6/4/2021
Ultima modificacao11/21/2024
Fontenvd
Avistamentos honeypot0
Produtos afetados
cisco:thousandeyes_recorder
Fraquezas (CWE)
CWE-522
Referencias
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-te-recorder-infodis-mx3ETTBM(psirt@cisco.com)
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-te-recorder-infodis-mx3ETTBM(af854a3a-2127-422b-91ae-364da2661108)
Correlacoes IOC
Sem correlacoes registradas
This product uses data from the NVD API but is not endorsed or certified by the NVD.