CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2021-42115

Missing HTTPOnly flag in Web Applications operating on Business-DNA Solutions GmbH’s TopEase® Platform Version <= 7.1.27 allows an unauthenticated remote attacker to escalate privileges from unauthenticated to authenticated user via stealing and injecting the session- independent and static cookie UID.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.006

EPSS Ranking 67.3%

CVSS Severity

CVSS v3 Score 8.1

CVSS v2 Score 6.4

References

Products affected by CVE-2021-42115

Businessdnasolutions » Topease » Version: 7.0.0

cpe:2.3:a:businessdnasolutions:topease:7.0.0
Businessdnasolutions » Topease » Version: 7.0.1

cpe:2.3:a:businessdnasolutions:topease:7.0.1
Businessdnasolutions » Topease » Version: 7.0.2

cpe:2.3:a:businessdnasolutions:topease:7.0.2
Businessdnasolutions » Topease » Version: 7.0.3

cpe:2.3:a:businessdnasolutions:topease:7.0.3
Businessdnasolutions » Topease » Version: 7.0.4

cpe:2.3:a:businessdnasolutions:topease:7.0.4
Businessdnasolutions » Topease » Version: 7.0.5

cpe:2.3:a:businessdnasolutions:topease:7.0.5
Businessdnasolutions » Topease » Version: 7.0.6

cpe:2.3:a:businessdnasolutions:topease:7.0.6
Businessdnasolutions » Topease » Version: 7.0.7

cpe:2.3:a:businessdnasolutions:topease:7.0.7
Businessdnasolutions » Topease » Version: 7.1.0

cpe:2.3:a:businessdnasolutions:topease:7.1.0
Businessdnasolutions » Topease » Version: 7.1.1

cpe:2.3:a:businessdnasolutions:topease:7.1.1
Businessdnasolutions » Topease » Version: 7.1.10

cpe:2.3:a:businessdnasolutions:topease:7.1.10
Businessdnasolutions » Topease » Version: 7.1.11

cpe:2.3:a:businessdnasolutions:topease:7.1.11
Businessdnasolutions » Topease » Version: 7.1.12

cpe:2.3:a:businessdnasolutions:topease:7.1.12
Businessdnasolutions » Topease » Version: 7.1.13

cpe:2.3:a:businessdnasolutions:topease:7.1.13
Businessdnasolutions » Topease » Version: 7.1.14

cpe:2.3:a:businessdnasolutions:topease:7.1.14
Businessdnasolutions » Topease » Version: 7.1.2

cpe:2.3:a:businessdnasolutions:topease:7.1.2
Businessdnasolutions » Topease » Version: 7.1.21

cpe:2.3:a:businessdnasolutions:topease:7.1.21
Businessdnasolutions » Topease » Version: 7.1.22

cpe:2.3:a:businessdnasolutions:topease:7.1.22
Businessdnasolutions » Topease » Version: 7.1.23

cpe:2.3:a:businessdnasolutions:topease:7.1.23
Businessdnasolutions » Topease » Version: 7.1.24

cpe:2.3:a:businessdnasolutions:topease:7.1.24
Businessdnasolutions » Topease » Version: 7.1.25

cpe:2.3:a:businessdnasolutions:topease:7.1.25
Businessdnasolutions » Topease » Version: 7.1.26

cpe:2.3:a:businessdnasolutions:topease:7.1.26
Businessdnasolutions » Topease » Version: 7.1.27

cpe:2.3:a:businessdnasolutions:topease:7.1.27
Businessdnasolutions » Topease » Version: 7.1.3

cpe:2.3:a:businessdnasolutions:topease:7.1.3
Businessdnasolutions » Topease » Version: 7.1.4

cpe:2.3:a:businessdnasolutions:topease:7.1.4
Businessdnasolutions » Topease » Version: 7.1.5

cpe:2.3:a:businessdnasolutions:topease:7.1.5
Businessdnasolutions » Topease » Version: 7.1.6

cpe:2.3:a:businessdnasolutions:topease:7.1.6
Businessdnasolutions » Topease » Version: 7.1.7

cpe:2.3:a:businessdnasolutions:topease:7.1.7
Businessdnasolutions » Topease » Version: 7.1.8

cpe:2.3:a:businessdnasolutions:topease:7.1.8
Businessdnasolutions » Topease » Version: 7.1.9

cpe:2.3:a:businessdnasolutions:topease:7.1.9

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2021-42115

Products

Pricing

Contact Us