CVE-2021-45787 :: Enginsight Vulnerability Database

Provider	Type	Base Score	Atk. Vector	Atk. Complexity	Priv. Required	Vector
NIST	NIST	5.4 MEDIUM	NETWORK	LOW	LOW	CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
mitre	CNA	---				---
CVE	ADP	---				---

Base Score

CVSS 3.x

EPSS Score

Percentile: 40%

Vendor	Product	Version
maccms	maccms	10.0
maccms	maccms	10.0:2018.03.15
maccms	maccms	10.0:2018.03.21
maccms	maccms	10.0:2018.04.02
maccms	maccms	10.0:2018.05.01
maccms	maccms	10.0:2018.05.02.1005
maccms	maccms	10.0:2018.05.03.0000
maccms	maccms	10.0:2018.05.04.1320
maccms	maccms	10.0:2018.05.07.1213
maccms	maccms	10.0:2018.05.08.2020
maccms	maccms	10.0:2018.05.09.1320
maccms	maccms	10.0:2018.05.11.2300
maccms	maccms	10.0:2018.05.15.1403
maccms	maccms	10.0:2018.05.17.1050
maccms	maccms	10.0:2018.05.22.1338
maccms	maccms	10.0:2018.05.30.1007
maccms	maccms	10.0:2018.06.04.1510
maccms	maccms	10.0:2018.06.08.1339
maccms	maccms	10.0:2018.06.12.1430
maccms	maccms	10.0:2018.06.15.0910
maccms	maccms	10.0:2018.06.29.1425
maccms	maccms	10.0:2018.07.29.1010
maccms	maccms	10.0:2018.08.14.0955
maccms	maccms	10.0:2018.08.24.1355
maccms	maccms	10.0:2018.08.25.1120
maccms	maccms	10.0:2018.09.03.0920
maccms	maccms	10.0:2018.09.14.0850
maccms	maccms	10.0:2018.09.28.0950
maccms	maccms	10.0:2018.10.09.1333
maccms	maccms	10.0:2018.10.13.1025
maccms	maccms	10.0:2018.10.22.1200
maccms	maccms	10.0:2018.10.31.1340
maccms	maccms	10.0:2018.11.18.0920
maccms	maccms	10.0:2018.12.05.0950
maccms	maccms	10.0:2018.12.13.2151
maccms	maccms	10.0:2019.00.00.1001
maccms	maccms	10.0:2019.00.00.1002
maccms	maccms	10.0:2019.00.00.1003
maccms	maccms	10.0:2019.00.00.1004
maccms	maccms	10.0:2019.00.00.1005
maccms	maccms	10.0:2019.00.00.1006
maccms	maccms	10.0:2019.00.00.1007
maccms	maccms	10.0:2019.00.00.1008
maccms	maccms	10.0:2019.01.19.1001
maccms	maccms	10.0:2019.0101.1001
maccms	maccms	10.0:2019.02.23.0850
maccms	maccms	10.0:2019.03.06.1617
maccms	maccms	10.0:2019.1000.1009
maccms	maccms	10.0:2019.1000.1010
maccms	maccms	10.0:2019.1000.1011
maccms	maccms	10.0:2019.1000.1012
maccms	maccms	10.0:2019.1000.1013
maccms	maccms	10.0:2019.1000.1014
maccms	maccms	10.0:2019.1000.1015
maccms	maccms	10.0:2019.1000.1016
maccms	maccms	10.0:2019.1000.1017
maccms	maccms	10.0:2019.1000.1018
maccms	maccms	10.0:2020.1000.1019
maccms	maccms	10.0:2020.1000.1020
maccms	maccms	10.0:2020.1000.1021
maccms	maccms	10.0:2020.1000.1022
maccms	maccms	10.0:2020.1000.1023
maccms	maccms	10.0:2020.1000.1024
maccms	maccms	10.0:2020.1000.1025
maccms	maccms	10.0:2020.1000.1027
maccms	maccms	10.0:2020.1000.1029
maccms	maccms	10.0:2020.1000.1031
maccms	maccms	10.0:2020.1000.1032
maccms	maccms	10.0:2020.1000.1033
maccms	maccms	10.0:2020.1000.1034
maccms	maccms	10.0:2020.1000.1035
maccms	maccms	10.0:2020.1000.1039
maccms	maccms	10.0:2020.1000.1042
maccms	maccms	10.0:2020.1000.1051
maccms	maccms	10.0:2020.1000.1060
maccms	maccms	10.0:2020.1000.1062
maccms	maccms	10.0:2020.1000.1068
maccms	maccms	10.0:2020.1000.1068b
maccms	maccms	10.0:2020.1000.1069
maccms	maccms	10.0:2020.1000.1074
maccms	maccms	10.0:2020.1000.1075
maccms	maccms	10.0:2020.1000.1080
maccms	maccms	10.0:2020.1000.1081
maccms	maccms	10.0:2021.1000.1081
maccms	maccms	10.0:2022.1000.1099
maccms	maccms	10.0:2022.1000.3001
maccms	maccms	10.0:2022.1000.3002
maccms	maccms	10.0:2022.1000.3004
maccms	maccms	10.0:2022.1000.3005
maccms	maccms	10.0:2022.1000.3025

𝑥

= Vulnerable software versions

Known Exploits!

Common Weakness Enumeration

CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
The software does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output that is used as a web page that is served to other users.

References

https://github.com/magicblack/maccms10/issues/746