CVE-2021-45406

{"id": "CVE-2021-45406", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 6.5, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P", "authentication": "SINGLE", "integrityImpact": "PARTIAL", "accessComplexity": "LOW", "availabilityImpact": "PARTIAL", "confidentialityImpact": "PARTIAL"}, "acInsufInfo": false, "impactScore": 6.4, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 8.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}], "cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 8.8, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 2.8}]}, "published": "2022-01-14T20:15:14.937", "references": [{"url": "https://salonerp.sourceforge.io/", "tags": ["Product", "Third Party Advisory"], "source": "cve@mitre.org"}, {"url": "https://sourceforge.net/projects/salonerp/files/latest/download", "tags": ["Product", "Third Party Advisory"], "source": "cve@mitre.org"}, {"url": "https://www.exploit-db.com/exploits/50659", "tags": ["Exploit", "Third Party Advisory", "VDB Entry"], "source": "cve@mitre.org"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-89"}]}], "descriptions": [{"lang": "en", "value": "In SalonERP 3.0.1, a SQL injection vulnerability allows an attacker to inject payload using 'sql' parameter in SQL query while generating a report. Upon successfully discovering the login admin password hash, it can be decrypted to obtain the plain-text password."}, {"lang": "es", "value": "En SalonERP versi\u00f3n 3.0.1, una vulnerabilidad de inyecci\u00f3n SQL permite a un atacante inyectar carga \u00fatil usando el par\u00e1metro \"sql\" en la consulta SQL mientras es generado un informe. Si es detectado el hash de la contrase\u00f1a de administrador de inicio de sesi\u00f3n, puede descifrarse para obtener la contrase\u00f1a en texto plano"}], "lastModified": "2022-01-21T19:38:31.660", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:salonerp_project:salonerp:3.0.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "9FCD1235-22DF-4377-908B-204921E7EFDC"}], "operator": "OR"}]}], "sourceIdentifier": "cve@mitre.org"}