CVE-2021-21403 HIGH

CVE-2021-21403: Authentication Bypass by Primary Weakness in github.com/kongchuanhujiao/server

Vendor Kongchuanhujiao
Product server
Weakness CWE-305
Published March 26, 2021
Last update August 3, 2024

CVSS base score

7.5/10
Attack vector Network
Attack complexity Low
Privileges required None
User interaction None
Confidentiality High
Integrity None

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

What the vulnerability does

01Description

In github.com/kongchuanhujiao/server before version 1.3.21 there is an authentication Bypass by Primary Weakness vulnerability. All users are impacted. This is fixed in version 1.3.21.

Key dates

02Disclosure timeline

March 26, 2021 CVE published
August 3, 2024 Record updated