NVD - CVE-2021-3731

Vulnerability Change Records for CVE-2021-3731

Change History

Initial Analysis by NIST 8/27/2021 11:16:41 AM

Action	Type	Old Value	New Value
Added	CVSS V3.1		NIST AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:L/A:N
Added	CVSS V2		NIST (AV:N/AC:M/Au:N/C:N/I:P/A:N)
Added	CWE		NIST CWE-1021
Added	CPE Configuration		OR cpe:2.3:a:ledgersmb:ledgersmb::::::::* versions from (including) 1.1.0 up to (including) 1.1.12 cpe:2.3:a:ledgersmb:ledgersmb::::::::* versions from (including) 1.2.0 up to (including) 1.2.26 cpe:2.3:a:ledgersmb:ledgersmb::::::::* versions from (including) 1.3.0 up to (including) 1.3.47 cpe:2.3:a:ledgersmb:ledgersmb::::::::* versions from (including) 1.4.0 up to (including) 1.4.42 cpe:2.3:a:ledgersmb:ledgersmb::::::::* versions from (including) 1.5.0 up to (including) 1.5.30 cpe:2.3:a:ledgersmb:ledgersmb::::::::* versions from (including) 1.6.0 up to (including) 1.6.33 cpe:2.3:a:ledgersmb:ledgersmb::::::::* versions from (including) 1.7.0 up to (including) 1.7.32 cpe:2.3:a:ledgersmb:ledgersmb::::::::* versions from (including) 1.8.0 up to (including) 1.8.17
Added	CPE Configuration		OR cpe:2.3:o:debian:debian_linux:10.0::::::: cpe:2.3:o:debian:debian_linux:11.0:::::::
Changed	Reference Type	https://huntr.dev/bounties/5664331d-f5f8-4412-8566-408f8655888a No Types Assigned	https://huntr.dev/bounties/5664331d-f5f8-4412-8566-408f8655888a Third Party Advisory
Changed	Reference Type	https://ledgersmb.org/cve-2021-3731-clickjacking No Types Assigned	https://ledgersmb.org/cve-2021-3731-clickjacking Vendor Advisory
Changed	Reference Type	https://www.debian.org/security/2021/dsa-4962 No Types Assigned	https://www.debian.org/security/2021/dsa-4962 Third Party Advisory
Added	CVSS V2 Metadata		Victim must voluntarily interact with attack mechanism