CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2021-36124

An issue was discovered in Echo ShareCare 8.15.5. It does not perform authentication or authorization checks when accessing a subset of sensitive resources, leading to the ability for unauthenticated users to access pages that are vulnerable to attacks such as SQL injection.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.005

EPSS Ranking 66.7%

CVSS Severity

CVSS v3 Score 9.8

CVSS v2 Score 7.5

References

https://github.com/atredispartners/advisories/blob/master/ATREDIS-2021-0001.md
https://github.com/atredispartners/advisories/blob/master/ATREDIS-2021-0001.md

Products affected by CVE-2021-36124

Echobh » Sharecare » Version: 8.15.5

cpe:2.3:a:echobh:sharecare:8.15.5

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2021-36124

Products

Pricing

Contact Us