CVE-2021-21783 CRITICAL

CVE-2021-21783

Vendor N/A
Product Genivia
Weakness CWE-680
Published March 25, 2021
Last update August 3, 2024

CVSS base score

9.8/10
Attack vector Network
Attack complexity Low
Privileges required None
User interaction None
Confidentiality High
Integrity High

CVSS vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

What the vulnerability does

01Description

A code execution vulnerability exists in the WS-Addressing plugin functionality of Genivia gSOAP 2.8.107. A specially crafted SOAP request can lead to remote code execution. An attacker can send an HTTP request to trigger this vulnerability.

Key dates

02Disclosure timeline

March 25, 2021 CVE published
August 3, 2024 Record updated