CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2021-32016

An issue was discovered in JUMP AMS 3.6.0.04.009-2487. A JUMP SOAP endpoint permitted the writing of arbitrary files to a user-controlled location on the remote filesystem (with user-controlled content) via directory traversal, potentially leading to remote code and command execution.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.008

EPSS Ranking 73.2%

CVSS Severity

CVSS v3 Score 9.9

CVSS v2 Score 6.5

References

https://cds.thalesgroup.com/en/tcs-cert/CVE-2021-32016
https://excellium-services.com/cert-xlm-advisory/cve-2021-32016/
https://excellium-services.com/cert-xlm-advisory/cve-2021-32016/

Products affected by CVE-2021-32016

Jump-Technology » Asset Management » Version: 3.6.0.04.009-2487

cpe:2.3:a:jump-technology:asset_management:3.6.0.04.009-2487

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2021-32016

Products

Pricing

Contact Us