CVE-2021-32453
Published May 17, 2021
Last updated a year ago
Overview
- Description
- SITEL CAP/PRX firmware version 5.2.01 allows an attacker with access to the local network, to access via HTTP to the internal configuration database of the device without any authentication. An attacker could exploit this vulnerability in order to obtain information about the device´s configuration.
- Source
- cve-coordination@incibe.es
- NVD status
- Modified
Social media
- Hype score
- Not currently trending
Risk scores
CVSS 3.1
- Type
- Primary
- Base score
- 3.3
- Impact score
- 1.4
- Exploitability score
- 1.8
- Vector string
- CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
- Severity
- LOW
CVSS 2.0
- Type
- Primary
- Base score
- 2.1
- Impact score
- 2.9
- Exploitability score
- 3.9
- Vector string
- AV:L/AC:L/Au:N/C:P/I:N/A:N
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:h:sitel-sa:cap\\/prx:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "0B5B8AD2-407A-4663-8422-B27769EFC0C6"
}
],
"operator": "OR"
},
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:sitel-sa:cap\\/prx_firmware:5.2.01:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "68BAF579-93DD-4CC3-AA6D-B96020C3F02B"
}
],
"operator": "OR"
}
],
"operator": "AND"
}
]