Basix NEX-Forms up to 7.8.7 Excel Report Generator improper authentication

EntryeditHistoryDiffjsonxmlCTI

A vulnerability, which was classified as critical, has been found in Basix NEX-Forms up to 7.8.7. This issue affects an unknown part of the component Excel Report Generator. There is no information about possible countermeasures known. It may be suggested to replace the affected object with an alternative product.

Field07/19/2021 10:09 PM07/22/2021 10:41 AM
vendorBasixBasix
nameNEX-FormsNEX-Forms
version<=7.8.7<=7.8.7
componentExcel Report GeneratorExcel Report Generator
cwe287 (weak authentication)287 (weak authentication)
risk22
cvss3_vuldb_acLL
cvss3_vuldb_sUU
cvss3_vuldb_cLL
cvss3_vuldb_iLL
cvss3_vuldb_aLL
cvss3_vuldb_rcRR
urlhttps://github.com/rauschecker/CVEs/tree/main/CVE-2021-34676https://github.com/rauschecker/CVEs/tree/main/CVE-2021-34676
cveCVE-2021-34676CVE-2021-34676
date1626645600 (07/19/2021)1626645600 (07/19/2021)
cvss2_vuldb_acLL
cvss2_vuldb_ciPP
cvss2_vuldb_iiPP
cvss2_vuldb_aiPP
cvss2_vuldb_rcURUR
cvss2_vuldb_avAA
cvss2_vuldb_auSS
cvss2_vuldb_eNDND
cvss2_vuldb_rlNDND
cvss3_vuldb_avAA
cvss3_vuldb_prLL
cvss3_vuldb_uiNN
cvss3_vuldb_eXX
cvss3_vuldb_rlXX
cvss2_vuldb_basescore5.25.2
cvss2_vuldb_tempscore4.94.9
cvss3_vuldb_basescore5.55.5
cvss3_vuldb_tempscore5.35.3
cvss3_meta_basescore5.55.5
cvss3_meta_tempscore5.35.3
price_0day$0-$5k$0-$5k
cve_assigned1623362400
cve_nvd_summaryBasix NEX-Forms through 7.8.7 allows authentication bypass for Excel report generation.

Are you interested in using VulDB?

Download the whitepaper to learn more about our service!