1. Home
  2. CVE Database
  3. CVE-2021-40853
HIGH · 7.2

CVE-2021-40853

TCMAN GIM does not perform an authorization check when trying to access determined resources. A remote attacker could exploit this vulnerability to access URL that require privileges without having th...

Vulnerability Description

TCMAN GIM does not perform an authorization check when trying to access determined resources. A remote attacker could exploit this vulnerability to access URL that require privileges without having them. The exploitation of this vulnerability might allow a remote attacker to obtain sensible information.

CVSS Score

7.2

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
CHANGED
Confidentiality
LOW
Integrity
LOW
Availability
NONE

Affected Products

VendorProductVersions
TcmanGim8.0

Related Weaknesses (CWE)

CWE-862

References

FAQ

What is CVE-2021-40853?

CVE-2021-40853 is a vulnerability with a CVSS score of 7.2 (HIGH). TCMAN GIM does not perform an authorization check when trying to access determined resources. A remote attacker could exploit this vulnerability to access URL that require privileges without having th...

How severe is CVE-2021-40853?

CVE-2021-40853 has been rated HIGH with a CVSS base score of 7.2/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2021-40853?

Check the references section above for vendor advisories and patch information. Affected products include: Tcman Gim.