Modification of Assumed-Immutable Data (MAID)

CVE-2021-37193

Medium

4.3/10

Summary

A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.0 SP2). An unauthenticated attacker in the same network of the affected system could manipulate certain parameters and set a valid user of the affected software as invalid (or vice-versa).

Attack Complexity: LOW
Attack Vector: ADJACENT_NETWORK
Integrity Impact: LOW
Scope: UNCHANGED
User Interaction: NONE
Privileges Required: NONE
Confidentiality Impact: NONE
Availability Impact: NONE

CWE-471 - Modification of Assumed-Immutable Data (MAID)

The software does not properly protect an assumed-immutable element from being modified by an attacker.

References

Advisory Timeline

Published Sep 14, 2021

Modification of Assumed-Immutable Data (MAID)

CVE-2021-37193

Summary

CWE-471 - Modification of Assumed-Immutable Data (MAID)

References

Advisory Timeline

ChainJacking

JetBrains IDE

KICS SaaS