Vulnerability Description
In HMS Ewon eCatcher through 6.6.4, weak filesystem permissions could allow malicious users to access files that could lead to sensitive information disclosure, modification of configuration files, or disruption of normal system operation.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Hms-Networks | Ecatcher | <= 6.6.4 |
Related Weaknesses (CWE)
References
- https://cdn.hms-networks.com/docs/librariesprovider6/cybersecurity/hms-security-Vendor Advisory
- https://labs.bishopfox.com/advisoriesThird Party Advisory
- https://labs.bishopfox.com/advisories/ecatcher-desktop-version-6.6.4ExploitThird Party Advisory
- https://www.ewon.biz/about-us/securityVendor Advisory
- https://www.ewon.biz/technical-support/pages/talk2m/talk2m-tools/talk2m-ecatcherVendor Advisory
- https://cdn.hms-networks.com/docs/librariesprovider6/cybersecurity/hms-security-Vendor Advisory
- https://labs.bishopfox.com/advisoriesThird Party Advisory
- https://labs.bishopfox.com/advisories/ecatcher-desktop-version-6.6.4ExploitThird Party Advisory
- https://www.ewon.biz/about-us/securityVendor Advisory
- https://www.ewon.biz/technical-support/pages/talk2m/talk2m-tools/talk2m-ecatcherVendor Advisory
FAQ
What is CVE-2021-33214?
CVE-2021-33214 is a vulnerability with a CVSS score of 6.1 (MEDIUM). In HMS Ewon eCatcher through 6.6.4, weak filesystem permissions could allow malicious users to access files that could lead to sensitive information disclosure, modification of configuration files, or...
How severe is CVE-2021-33214?
CVE-2021-33214 has been rated MEDIUM with a CVSS base score of 6.1/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2021-33214?
Check the references section above for vendor advisories and patch information. Affected products include: Hms-Networks Ecatcher.