CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2021-27990

Appspace 6.2.4 is vulnerable to a broken authentication mechanism where pages such as /medianet/mail.aspx can be called directly and the framework is exposed with layouts, menus and functionalities.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.006

EPSS Ranking 67.4%

CVSS Severity

CVSS v3 Score 7.5

CVSS v2 Score 5.0

References

http://appspace.com
https://github.com/syedsohaibkarim/PoC-BrokenAuth-AppSpace6.2.4
http://appspace.com
https://github.com/syedsohaibkarim/PoC-BrokenAuth-AppSpace6.2.4

Products affected by CVE-2021-27990

Appspace » Appspace » Version: 6.2.4

cpe:2.3:a:appspace:appspace:6.2.4

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2021-27990

Products

Pricing

Contact Us