CVE-2021-37500

{"id": "CVE-2021-37500", "metrics": {"cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 8.1, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "NONE"}, "impactScore": 5.2, "exploitabilityScore": 2.8}]}, "published": "2023-01-20T12:15:11.507", "references": [{"url": "http://reprise.com", "tags": ["Not Applicable"], "source": "cve@mitre.org"}, {"url": "http://reprisesoftware.com", "tags": ["Product"], "source": "cve@mitre.org"}, {"url": "https://github.com/blakduk/Advisories/blob/main/Reprise%20License%20Manager/README.md", "tags": ["Third Party Advisory"], "source": "cve@mitre.org"}, {"url": "http://reprise.com", "tags": ["Not Applicable"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://reprisesoftware.com", "tags": ["Product"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://github.com/blakduk/Advisories/blob/main/Reprise%20License%20Manager/README.md", "tags": ["Third Party Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-22"}]}], "descriptions": [{"lang": "en", "value": "Directory traversal vulnerability in Reprise License Manager (RLM) web interface before 14.2BL4 in the diagnostics function that allows RLM users with sufficient privileges to overwrite any file the on the server."}, {"lang": "es", "value": "Vulnerabilidad de Directory Traversal en la interfaz web de Reprise License Manager (RLM) anterior a 14.2BL4 en la funci\u00f3n de diagn\u00f3stico que permite a los usuarios de RLM con privilegios suficientes sobrescribir cualquier archivo en el servidor."}], "lastModified": "2024-11-21T06:15:17.140", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:reprisesoftware:reprise_license_manager:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F7B5DC0A-B263-42A5-8FA4-4B992D9A16C5", "versionEndExcluding": "14.2bl4"}], "operator": "OR"}]}], "sourceIdentifier": "cve@mitre.org"}