CVE-2021-32006

Published: Mar 10, 2022Modified: Nov 21, 2024

4.3

Vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

Exploitability: 2.8 / Impact: 1.4

Source: NVD

Description

This issue affects: Secomea GateManager Version 9.6.621421014 and all prior versions. Permission Issues vulnerability in LinkManager web portal of Secomea GateManager allows logged in LinkManager user to access stored SiteManager backup files.

Affected (1)

Products: Secomea: Gatemanager

Secomea

1 product

Gatemanager

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Secomea Gatemanager	Up to 9.6.621421014

Related CWEs

CWE-274

Improper Handling of Insufficient Privileges

The product does not handle or incorrectly handles when it has insufficient privileges to perform an operation, leading to resultant weaknesses.

CWE-275

CWE-276

Incorrect Default Permissions

During installation, installed file permissions are set to allow anyone to modify those files.

References (2)

https://www.secomea.com/support/cybersecurity-advisory/

Source: VulnerabilityReporting@secomea.com

Not ApplicableVendor Advisory

https://www.secomea.com/support/cybersecurity-advisory/

Source: af854a3a-2127-422b-91ae-364da2661108

Not ApplicableVendor Advisory

Timeline

No history available yet.