CVE-2021-21798

{"id": "CVE-2021-21798", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 6.8, "accessVector": "NETWORK", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "authentication": "NONE", "integrityImpact": "PARTIAL", "accessComplexity": "MEDIUM", "availabilityImpact": "PARTIAL", "confidentialityImpact": "PARTIAL"}, "acInsufInfo": false, "impactScore": 6.4, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 8.6, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": true}], "cvssMetricV30": [{"type": "Secondary", "source": "talos-cna@cisco.com", "cvssData": {"scope": "UNCHANGED", "version": "3.0", "baseScore": 8.8, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "REQUIRED", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 2.8}], "cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.8, "attackVector": "LOCAL", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "REQUIRED", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 1.8}]}, "published": "2021-09-15T14:15:08.687", "references": [{"url": "https://talosintelligence.com/vulnerability_reports/TALOS-2021-1267", "tags": ["Exploit", "Third Party Advisory"], "source": "talos-cna@cisco.com"}, {"url": "https://talosintelligence.com/vulnerability_reports/TALOS-2021-1267", "tags": ["Exploit", "Third Party Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Secondary", "source": "talos-cna@cisco.com", "description": [{"lang": "en", "value": "CWE-562"}]}, {"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "NVD-CWE-Other"}]}], "descriptions": [{"lang": "en", "value": "An exploitable return of stack variable address vulnerability exists in the JavaScript implementation of Nitro Pro PDF. A specially crafted document can cause a stack variable to go out of scope, resulting in the application dereferencing a stale pointer. This can lead to code execution under the context of the application. An attacker can convince a user to open a document to trigger the vulnerability."}, {"lang": "es", "value": "Se presenta una vulnerabilidad explotable de retorno de direcci\u00f3n de variable de pila en la implementaci\u00f3n de JavaScript de Nitro Pro PDF. Un documento especialmente dise\u00f1ado puede causar que una variable de pila salga del \u00e1mbito, resultando en que la aplicaci\u00f3n haga referencia a un puntero obsoleto. Esto puede conllevar a una ejecuci\u00f3n de c\u00f3digo bajo el contexto de la aplicaci\u00f3n. Un atacante puede convencer a un usuario de que abra un documento para desencadenar la vulnerabilidad"}], "lastModified": "2024-11-21T05:48:59.680", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:gonitro:nitro_pro:13.31.0.605:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "9C22031F-7885-4179-A5FE-5C10D4726D9E"}, {"criteria": "cpe:2.3:a:gonitro:nitro_pro:13.33.2.645:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "1773388D-EF11-46C9-B386-7AFD3DCBFC20"}], "operator": "OR"}]}], "sourceIdentifier": "talos-cna@cisco.com"}