CyberSec.Space Logo
CVEブラウザに戻る

CVE-2021-29396

CRITICAL
9.8
CVSS Severity Score
EPSS Score0.0740%
EPSS Percentile10.10th
Published2022年2月4日
Last Modified2024年11月21日

Vulnerability Description

Systemic Insecure Permissions in Northstar Technologies Inc NorthStar Club Management 6.3 allows remote unauthenticated users to use various functionalities without authentication.

Affected Platforms (CPE)

📦
Globalnorthstar

Northstar Club Management

= 6.3

References & Advisories

🔗 https://Ardent-Security.com
🔗 https://ardent-security.com/en/advisory/asa-2021-04/
🔗 https://Ardent-Security.com
🔗 https://ardent-security.com/en/advisory/asa-2021-04/

関連する脆弱性情報

CVE-2021-293939.8

Remote Code Execution in cominput.jsp and comoutput.jsp in Northstar Technologies Inc NorthStar Club Management 6.3 allows remote ...

CVE-2021-293957.5

Directory travesal in /northstar/filemanager/download.jsp in Northstar Technologies Inc NorthStar Club Management 6.3 allows remot...

CVE-2021-293977.5

Cleartext Transmission of Sensitive Information in /northstar/Admin/login.jsp in Northstar Technologies Inc NorthStar Club Managem...

CVE-2021-293946.5

Account Hijacking in /northstar/Admin/changePassword.jsp in Northstar Technologies Inc NorthStar Club Management 6.3 allows remote...