CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2021-36721

Sysaid API User Enumeration - Attacker sending requests to specific api path without any authorization before 21.3.60 version could get users names from the LDAP server.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.002

EPSS Ranking 36.6%

CVSS Severity

CVSS v3 Score 4.4

CVSS v2 Score 5.0

References

https://www.gov.il/en/departments/faq/cve_advisories
https://www.gov.il/en/departments/faq/cve_advisories

Products affected by CVE-2021-36721

Sysaid » Application Programming Interface » Version: Any

cpe:2.3:a:sysaid:application_programming_interface:*

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2021-36721

Products

Pricing

Contact Us