Enhancement: cves/2021/CVE-2021-29441.yaml by mp

patch-1
MostInterestingBotInTheWorld 2022-05-17 14:34:14 -04:00
parent 911f1c43cf
commit 0d1b8be2ec
1 changed files with 5 additions and 2 deletions

View File

@ -1,7 +1,7 @@
id: CVE-2021-29441 id: CVE-2021-29441
info: info:
name: Nacos prior to 1.4.1 Authentication Bypass name: Nacos <1.4.1 - Authentication Bypass
author: dwisiswant0 author: dwisiswant0
severity: critical severity: critical
description: | description: |
@ -14,6 +14,7 @@ info:
This issue may allow any user to carry out any administrative tasks on the Nacos server. This issue may allow any user to carry out any administrative tasks on the Nacos server.
reference: reference:
- https://securitylab.github.com/advisories/GHSL-2020-325_326-nacos/ - https://securitylab.github.com/advisories/GHSL-2020-325_326-nacos/
-
classification: classification:
cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
cvss-score: 9.8 cvss-score: 9.8
@ -52,4 +53,6 @@ requests:
- type: word - type: word
words: words:
- "application/json" - "application/json"
part: header part: header
# Enhanced by mp on 2022/05/17