CVE-2021-27570

{"id": "CVE-2021-27570", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 5.0, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "authentication": "NONE", "integrityImpact": "NONE", "accessComplexity": "LOW", "availabilityImpact": "PARTIAL", "confidentialityImpact": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 10.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}], "cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 5.3, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "LOW", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}, "impactScore": 1.4, "exploitabilityScore": 3.9}]}, "published": "2021-05-07T19:31:07.097", "references": [{"url": "https://axelp.io/MouseTrap", "tags": ["Exploit", "Third Party Advisory"], "source": "cve@mitre.org"}, {"url": "https://remotemouse.net/blog/", "tags": ["Product"], "source": "cve@mitre.org"}, {"url": "https://axelp.io/MouseTrap", "tags": ["Exploit", "Third Party Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://remotemouse.net/blog/", "tags": ["Product"], "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-306"}]}], "descriptions": [{"lang": "en", "value": "An issue was discovered in Emote Remote Mouse through 3.015. Attackers can close any running process by sending the process name in a specially crafted packet. This information is sent in cleartext and is not protected by any authentication logic."}, {"lang": "es", "value": "Se detect\u00f3 un problema en Emote Remote Mouse versiones hasta 3.015. Los atacantes pueden cerrar cualquier proceso en ejecuci\u00f3n mediante el env\u00edo del nombre del proceso en un paquete especialmente dise\u00f1ado. Esta informaci\u00f3n es enviada en texto sin cifrar y no est\u00e1 protegida por ninguna l\u00f3gica de autenticaci\u00f3n"}], "lastModified": "2024-11-21T05:58:12.663", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:remotemouse:emote_remote_mouse:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "EAFDED23-47FF-4A68-B8C9-3468AC941667", "versionEndIncluding": "3.015"}], "operator": "OR"}]}], "sourceIdentifier": "cve@mitre.org"}