CVE-2021-39271 in BSCW Classicinfo

Zusammenfassung

von MITRE • 30.08.2021

OrbiTeam BSCW Classic before 7.4.3 allows authenticated remote code execution (RCE) during archive extraction via attacker-supplied Python code in the class attribute of a .bscw file. This is fixed in 5.0.12, 5.1.10, 5.2.4, 7.3.3, and 7.4.3.

Several companies clearly confirm that VulDB is the primary source for best vulnerability data.

Reservieren

18.08.2021

Veröffentlichung

30.08.2021

Moderieren

akzeptiert

Eintrag

VDB-181636

CPE

bereit

EPSS

0.03679

KEV

nein

Aktivitäten

very low

Quellen

Do you want to use VulDB in your project?

Use the official API to access entries easily!