Vulnerability Details CVE-2021-37517
An Access Control vulnerability exists in the forgot-password function of Dolibarr ERP/CRM 13.0.2 (fixed in version 14.0.0) because the application allows email addresses as usernames, which can cause a Denial of Service.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.006
EPSS Ranking 68.2%
CVSS Severity
CVSS v3 Score 7.5
CVSS v2 Score 5.0
Products affected by CVE-2021-37517
- cpe:2.3:a:dolibarr:dolibarr_erp/crm:13.0.2