CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2021-20874

Incorrect permission assignment for critical resource vulnerability in GroupSession Free edition ver5.1.1 and earlier, GroupSession byCloud ver5.1.1 and earlier, and GroupSession ZION ver5.1.1 and earlier allows a remote unauthenticated attacker to access arbitrary files on the server and obtain sensitive information via unspecified vectors.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.006

EPSS Ranking 69.6%

CVSS Severity

CVSS v3 Score 7.5

CVSS v2 Score 5.0

References

https://groupsession.jp/info/info-news/security20211220
https://jvn.jp/en/jp/JVN79798166/index.html
https://groupsession.jp/info/info-news/security20211220
https://jvn.jp/en/jp/JVN79798166/index.html

Products affected by CVE-2021-20874

Groupsession » Groupsession » Version: Any

cpe:2.3:a:groupsession:groupsession:*

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2021-20874

Products

Pricing

Contact Us