CVE-2021-3380

Medium

Insecure direct object reference (IDOR) vulnerability in ICREM H8 SSRMS allows attackers to disclose sensitive information via the Print…

mitre·CWE-639·Published 2021-11-10

CVSS

6.5

EPSS

0.01

KEV

Exploits

cve.orgen

159 chars

Insecure direct object reference (IDOR) vulnerability in ICREM H8 SSRMS allows attackers to disclose sensitive information via the Print Invoice Functionality.

NVDen

159 chars

Insecure direct object reference (IDOR) vulnerability in ICREM H8 SSRMS allows attackers to disclose sensitive information via the Print Invoice Functionality.

Una vulnerabilidad de referencia directa a objetos insegura (IDOR) en ICREM H8 SSRMS permite a atacantes revelar información confidencial por medio de la funcionalidad Print Invoice

CVSS metrics across sources

Version	Type	Source	Base	Exp	Impact	Vector
2.0	Primary	NVD	4.0	8.0	2.9	AV:N/AC:L/Au:S/C:P/I:N/A:N
3.1	Primary	NVD	6.5	2.8	3.6	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N