CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2021-22853

The HR Portal of Soar Cloud System fails to manage access control. While obtaining user ID, remote attackers can access sensitive data via a specific data packet, such as user’s login information, further causing the login function not to work.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.003

EPSS Ranking 49.8%

CVSS Severity

CVSS v3 Score 5.4

CVSS v2 Score 5.5

References

https://www.chtsecurity.com/news/d334641f-2b28-4eab-a5ed-c6ec6740557e
https://www.twcert.org.tw/tw/cp-132-4403-8eb68-1.html
https://www.chtsecurity.com/news/d334641f-2b28-4eab-a5ed-c6ec6740557e
https://www.twcert.org.tw/tw/cp-132-4403-8eb68-1.html

Products affected by CVE-2021-22853

Hr Portal Project » Hr Portal » Version: 7.3.2020.1013

cpe:2.3:a:hr_portal_project:hr_portal:7.3.2020.1013

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2021-22853

Products

Pricing

Contact Us