CVE-2021-28271

Soyal Technologies SOYAL 701Server 9.0.1 suffers from an elevation of privileges vulnerability which can be used by an authenticated user to change the executable file with a binary choice. The vulnerability is due to improper permissions with the 'F' flag (Full) for 'Everyone'and 'Authenticated Users' group.

CVSS v3 8.8 HIGH
CVSS v2.0 6.5 MEDIUM

8.8^/10

CVSS v3 : HIGH

Vector :

Exploitability : 2.8 / Impact : 5.9

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required LOW

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact HIGH

Scope UNCHANGED

6.5^/10

CVSS v2.0 : MEDIUM

Vector : AV:N/AC:L/Au:S/C:P/I:P/A:P

Exploitability : 8.0 / Impact : 6.4

Access Vector NETWORK

Access Complexity LOW

Authentication SINGLE

Confidentiality Impact PARTIAL

Integrity Impact PARTIAL

Availability Impact PARTIAL

References

Link	Resource
https://www.exploit-db.com/exploits/49678	Exploit Third Party Advisory VDB Entry
https://www.zeroscience.mk/en/vulnerabilities	Exploit Third Party Advisory
https://www.zeroscience.mk/en/vulnerabilities/ZSL-2021-5633.php	Exploit Third Party Advisory

Configurations

Configuration 1 (hide)

OR	cpe:2.3:a:soyal:701clientsql::::::::
	cpe:2.3:a:soyal:701server::::::::
	cpe:2.3:a:soyal:701serversql::::::::

History

No history.

Information

Published : 2021-04-27 13:15

Updated : 2024-02-28 18:28

NVD link : CVE-2021-28271

Mitre link : CVE-2021-28271

CVE.ORG link : CVE-2021-28271

JSON object : View

Products Affected

soyal

701serversql
701server
701clientsql

CWE

CWE-276

Incorrect Default Permissions

{"id": "CVE-2021-28271", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 6.5, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P", "authentication": "SINGLE", "integrityImpact": "PARTIAL", "accessComplexity": "LOW", "availabilityImpact": "PARTIAL", "confidentialityImpact": "PARTIAL"}, "acInsufInfo": false, "impactScore": 6.4, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 8.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}], "cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 8.8, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 2.8}]}, "published": "2021-04-27T13:15:08.373", "references": [{"url": "https://www.exploit-db.com/exploits/49678", "tags": ["Exploit", "Third Party Advisory", "VDB Entry"], "source": "cve@mitre.org"}, {"url": "https://www.zeroscience.mk/en/vulnerabilities", "tags": ["Exploit", "Third Party Advisory"], "source": "cve@mitre.org"}, {"url": "https://www.zeroscience.mk/en/vulnerabilities/ZSL-2021-5633.php", "tags": ["Exploit", "Third Party Advisory"], "source": "cve@mitre.org"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-276"}]}], "descriptions": [{"lang": "en", "value": "Soyal Technologies SOYAL 701Server 9.0.1 suffers from an elevation of privileges vulnerability which can be used by an authenticated user to change the executable file with a binary choice. The vulnerability is due to improper permissions with the 'F' flag (Full) for 'Everyone'and 'Authenticated Users' group."}, {"lang": "es", "value": "Soyal Technologies SOYAL versi\u00f3n 701Server 9.0.1, sufre de una vulnerabilidad de escalada de privilegios que puede ser usada por un usuario autenticado para cambiar el archivo ejecutable con una opci\u00f3n binaria. La vulnerabilidad es debido a permisos inapropiados con el flag \"F\" (Full) para el grupo \"Everyone\" y \"Authenticated Users\""}], "lastModified": "2021-09-23T14:27:05.190", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:soyal:701clientsql:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D87218FA-E4CB-4013-936D-2E2EABE5A081", "versionEndExcluding": "10.2", "versionStartIncluding": "10.0"}, {"criteria": "cpe:2.3:a:soyal:701server:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B852C725-1128-4D4D-B991-BA07AB1B9A8B", "versionEndIncluding": "9.0.2"}, {"criteria": "cpe:2.3:a:soyal:701serversql:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "59788149-3C92-4A5F-81AB-9F320ED4CD33", "versionEndExcluding": "10.2", "versionStartIncluding": "10.0"}], "operator": "OR"}]}], "sourceIdentifier": "cve@mitre.org"}