CVE-2021-3285

EUVD-2021-26620
jxbrowser in TI Code Composer Studio IDE 8.x through 10.x before 10.1.1 does not verify X.509 certificates for HTTPS.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
5.3 MEDIUM
NETWORK
LOW
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
mitreCNA
5.3 MEDIUM
NETWORK
LOW
NONE
CVSS:3.1/AC:L/AV:N/A:N/C:N/I:L/PR:N/S:U/UI:N
Base Score
CVSS 3.x
EPSS Score
Percentile: 91%
Affected Products (NVD)
VendorProductVersion
ticode_composer_studio_intgrated_development_environment
8.0.0 ≤
𝑥
< 10.1.1
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
https://sir.ext.ti.com/jira/browse/EXT_EP-10212
https://sir.ext.ti.com/jira/browse/EXT_EP-10212