CVE-2021-21403

Critical

In github.com/kongchuanhujiao/server before version 1.3.21 there is an authentication Bypass by Primary Weakness vulnerability. All users…

GitHub_M·CWE-305·Published 2021-03-26

CVSS

9.8

EPSS

0.01

KEV

Exploits

cve.orgen

184 chars

In github.com/kongchuanhujiao/server before version 1.3.21 there is an authentication Bypass by Primary Weakness vulnerability. All users are impacted. This is fixed in version 1.3.21.

NVDen

184 chars

In github.com/kongchuanhujiao/server before version 1.3.21 there is an authentication Bypass by Primary Weakness vulnerability. All users are impacted. This is fixed in version 1.3.21.

### Impact Authentication Bypass by Primary Weakness (CWE-305) Commit: https://github.com/kongchuanhujiao/server/commit/9a125624f219e496bdf4b07b404816d5a309bdc1 ALL Users is impacted. ### Patches Yes, PLEASE UPGRADE TO v1.3.21-beta.d0ffc0a6

GHSAen

247 chars

NVDes

240 chars

En github.com/kongchuanhujiao/server versiones anteriores a 1.3.21, se presenta una Omisión de autenticación por una vulnerabilidad de Debilidad Primaria. Todos los usuarios están afectados. Esto es corregido en la versión 1.3.21.

CVSS metrics across sources

Version	Type	Source	Base	Exp	Impact	Vector
2.0	Primary	NVD	7.5	10.0	6.4	AV:N/AC:L/Au:N/C:P/I:P/A:P
3.1	Primary	NVD	9.8	3.9	5.9	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
3.1	Primary	cve.org	7.5	—	—	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
3.1	Primary	cve.org	7.5	—	—	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
3.1	Secondary	GHSA	7.5	—	—	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
3.1	Secondary	NVD	7.5	3.9	3.6	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N