CVE-2021-20876 Vulnerability Details

  /     /     /  

CVE-2021-20876 Metadata Quick Info

CVE Published: 24/12/2021 | CVE Updated: 03/08/2024 | CVE Year: 2021
Source: jpcert | Vendor: Japan Total System Co.,Ltd. | Product: GroupSession Free edition, GroupSession byCloud, GroupSession ZION
Status : PUBLISHED

---

CVE-2021-20876 Description

Path traversal vulnerability in GroupSession Free edition ver5.1.1 and earlier, GroupSession byCloud ver5.1.1 and earlier, and GroupSession ZION ver5.1.1 and earlier allows an attacker with an administrative privilege to obtain sensitive information stored in the hierarchy above the directory on the published site\'s server via unspecified vectors.

Metrics

CVSS Version: 3.1 | Base Score: n/a
Vector: n/a

l➤ Exploitability Metrics:
    Attack Vector (AV)*
    Attack Complexity (AC)*
    Privileges Required (PR)*
    User Interaction (UI)*
    Scope (S)*

l➤ Impact Metrics:
    Confidentiality Impact (C)*
    Integrity Impact (I)*
    Availability Impact (A)*

Weakness Enumeration (CWE)

CWE-ID:
CWE Name: Path Traversal
Source: Japan Total System Co.,Ltd.

Common Attack Pattern Enumeration and Classification (CAPEC)

CAPEC-ID:
CAPEC Description:


Source: NVD (National Vulnerability Database).