CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2021-31869

Pimcore AdminBundle version 6.8.0 and earlier suffers from a SQL injection issue in the specificID variable used by the application. This issue was fixed in version 6.9.4 of the product.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.0

EPSS Ranking 0.4%

CVSS Severity

CVSS v3 Score 6.5

CVSS v2 Score 5.0

References

https://www.rapid7.com/blog/post/2021/07/27/multiple-open-source-web-app-vulnerabilities-fixed/
https://www.rapid7.com/blog/post/2021/07/27/multiple-open-source-web-app-vulnerabilities-fixed/

Products affected by CVE-2021-31869

Pimcore » Adminbundle » Version: Any

cpe:2.3:a:pimcore:adminbundle:*

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2021-31869

Products

Pricing

Contact Us