CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2021-45891

An issue was discovered in Softwarebuero Zauner ARC 4.2.0.4., that allows attackers to escalate privileges within the application, since all permission checks are done client-side, not server-side.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.004

EPSS Ranking 60.1%

CVSS Severity

CVSS v3 Score 8.8

CVSS v2 Score 6.5

References

https://syss.de
https://www.syss.de/fileadmin/dokumente/Publikationen/Advisories/SYSS-2021-063.txt
https://syss.de
https://www.syss.de/fileadmin/dokumente/Publikationen/Advisories/SYSS-2021-063.txt

Products affected by CVE-2021-45891

Zauner » Arc » Version: 4.2.0.4

cpe:2.3:a:zauner:arc:4.2.0.4

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2021-45891

Products

Pricing

Contact Us