CVE-2021-32017 CRITICAL

CVE-2021-32017

Vendor N/A
Product n/a
Published August 3, 2021
Last update May 30, 2025

CVSS base score

9.9/10
Attack vector Network
Attack complexity Low
Privileges required Low
User interaction None
Confidentiality High
Integrity High

CVSS vector

CVSS:3.1/AC:L/AV:N/A:H/C:H/I:H/PR:L/S:C/UI:N

What the vulnerability does

01Description

An issue was discovered in JUMP AMS 3.6.0.04.009-2487. A JUMP SOAP endpoint permitted the listing of the content of the remote file system. This can be used to identify the complete server filesystem structure, i.e., identifying all the directories and files.

Key dates

02Disclosure timeline

August 3, 2021 CVE published
May 30, 2025 Record updated