CVE-2021-29396

CRITICAL

9.8

CVSS Severity Score

EPSS Score0.0740%

EPSS Percentile10.10th

PublishedFeb 4, 2022

Last ModifiedNov 21, 2024

Vulnerability Description

Systemic Insecure Permissions in Northstar Technologies Inc NorthStar Club Management 6.3 allows remote unauthenticated users to use various functionalities without authentication.

Affected Platforms (CPE)

📦

Globalnorthstar

Northstar Club Management

= 6.3

References & Advisories

🔗 https://Ardent-Security.com

🔗 https://ardent-security.com/en/advisory/asa-2021-04/

🔗 https://Ardent-Security.com

🔗 https://ardent-security.com/en/advisory/asa-2021-04/

Related Vulnerabilities

CVE-2021-293939.8

Remote Code Execution in cominput.jsp and comoutput.jsp in Northstar Technologies Inc NorthStar Club Management 6.3 allows remote ...

CVE-2021-293957.5

Directory travesal in /northstar/filemanager/download.jsp in Northstar Technologies Inc NorthStar Club Management 6.3 allows remot...

CVE-2021-293977.5

Cleartext Transmission of Sensitive Information in /northstar/Admin/login.jsp in Northstar Technologies Inc NorthStar Club Managem...

CVE-2021-293946.5

Account Hijacking in /northstar/Admin/changePassword.jsp in Northstar Technologies Inc NorthStar Club Management 6.3 allows remote...