CVE-2021-33214 Information

Jun 07, 2022 cve

Description

In HMS Ewon eCatcher through 6.6.4 weak filesystem permissions could allow malicious users to access files that could lead to sensitive information disclosure modification of configuration files or disruption of normal system operation.

CVSS Vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:H

Reference

https://www.ewon.biz/technical-support/pages/talk2m/talk2m-tools/talk2m-ecatcher https://labs.bishopfox.com/advisories https://cdn.hms-networks.com/docs/librariesprovider6/cybersecurity/hms-security-advisory-2021-07-09-001—ewon-ecatcher.pdf?sfvrsn=b37418d7_4 https://www.ewon.biz/about-us/security https://labs.bishopfox.com/advisories/ecatcher-desktop-version-6.6.4

Attack Complexity

LOW

Privileges Required

LOW

User Interaction Required

LOW

Scope

REQUIRED

Confidentiality Impact

UNCHANGED

Integrity Impact

LOW

Availability Impact

LOW

Base Score

HIGH

Base Severity

6.1

Share on: