Vulnerability Details CVE-2021-38615
In Eigen NLP 3.10.1, a lack of access control on the /auth/v1/sso/config/ SSO configuration endpoint allows any logged-in user (guest, standard, or admin) to view and modify information.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.003
EPSS Ranking 55.8%
CVSS Severity
CVSS v3 Score 6.3
CVSS v2 Score 5.5
Products affected by CVE-2021-38615
-
cpe:2.3:a:eigentech:natural_language_processing:3.10.1