CVE-2021-32453

Published: May 17, 2021Modified: Nov 21, 2024

3.3

Vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

Exploitability: 1.8 / Impact: 1.4

Source: NVD

Description

SITEL CAP/PRX firmware version 5.2.01 allows an attacker with access to the local network, to access via HTTP to the internal configuration database of the device without any authentication. An attacker could exploit this vulnerability in order to obtain information about the device´s configuration.

Affected (1)

Products: Sitel Sa: Cap/prx Firmware

1 product

Cap/prx Firmware

Configuration A

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Sitel Sa Cap/prx Firmware	Version 5.2.01

Running on/with	Platform Versions
Sitel Sa Cap/prx	All versions

Related CWEs

Missing Authentication for Critical Function

The product does not perform any authentication for functionality that requires a provable user identity or consumes a significant amount of resources.

References (2)

https://www.incibe.es/en/incibe-cert/notices/aviso-sci/sitel-capprx-information-exposure

Source: cve-coordination@incibe.es

https://www.incibe.es/en/incibe-cert/notices/aviso-sci/sitel-capprx-information-exposure

Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.