The Web server in 1C:Enterprise 8 before 8.3.17.1851 sends base64 encoded credentials in the creds URL parameter.
References
Link | Resource |
---|---|
https://github.com/jet-pentest/CVE-2021-3131 | Third Party Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: mitre
Published: 2021-01-13T15:46:02
Updated: 2021-01-13T15:46:02
Reserved: 2021-01-12T00:00:00
Link: CVE-2021-3131
JSON object: View
NVD Information
Status : Analyzed
Published: 2021-01-13T16:15:14.553
Modified: 2022-07-12T17:42:04.277
Link: CVE-2021-3131
JSON object: View
Redhat Information
No data.
CWE