CVE-2021-45036 - OpenCVE

Velneo vClient on its 28.1.3 version, could allow an attacker with knowledge of the victims's username and hashed password to spoof the victim's id against the server.

Attack Vector Network

Attack Complexity High

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact None

User Interaction None

No CVSS v3.0

No CVSS v2

Vendors & Products
CPE Configurations

Vendors	Products
Velneo	Vclient

Configuration 1 [-]

cpe:2.3:a:velneo:vclient:28.1.3:*:*:*:*:*:*:*

References

Link	Resource
https://doc.velneo.com/v/32/velneo-vserver/funcionalidades/protocolo-vatps	Vendor Advisory
https://doc.velneo.com/v/32/velneo/funcionalidades-comunes/conexion-con-velneo-vserver	Vendor Advisory
https://doc.velneo.com/v/32/velneo/notas-de-la-version#a-partir-de-esta-version-todos-los-servidores-arrancaran-con-protocolo-vatps	Vendor Advisory
https://doc.velneo.com/v/32/velneo/notas-de-la-version#mejoras-de-seguridad-en-validacion-de-usuario-y-contrasena	Release Notes Vendor Advisory
https://velneo.es/mivelneo/listado-de-cambios-velneo-32/	Release Notes Vendor Advisory
https://www.incibe.es/en/incibe-cert/notices/aviso/velneo-vclient-improper-authentication-0
https://www.velneo.com/blog/disponible-la-nueva-version-velneo-32	Release Notes Vendor Advisory

History

No history.

MITRE Information

Status: PUBLISHED

Assigner: INCIBE

Published: 2022-11-23T00:00:00

Updated: 2023-11-09T16:02:44.992Z

Reserved: 2021-12-13T00:00:00

Link: CVE-2021-45036

JSON object: View

NVD Information

Status : Modified

Published: 2022-11-28T16:15:09.090

Modified: 2023-11-09T16:15:34.337

Link: CVE-2021-45036

JSON object: View

Redhat Information

No data.

CWE

{"dataType": "CVE_RECORD", "dataVersion": "5.0", "cveMetadata": {"state": "PUBLISHED", "cveId": "CVE-2021-45036", "assignerOrgId": "0cbda920-cd7f-484a-8e76-bf7f4b7f4516", "assignerShortName": "INCIBE", "datePublished": "2022-11-23T00:00:00", "dateUpdated": "2023-11-09T16:02:44.992Z", "dateReserved": "2021-12-13T00:00:00"}, "containers": {"cna": {"affected": [{"defaultStatus": "unaffected", "product": "Velneo vClient", "vendor": "Velneo", "versions": [{"status": "affected", "version": "28.1.3"}]}], "credits": [{"lang": "en", "type": "finder", "user": "00000000-0000-4000-9000-000000000000", "value": "Jes\u00fas R\u00f3denas Huerta, @Marmeus"}], "datePublic": "2022-11-22T23:00:00.000Z", "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "\n\n<span style=\"background-color: rgb(255, 255, 255);\">Velneo vClient on its 28.1.3 version, could allow an attacker with knowledge of the victims's username and hashed password to spoof the victim's id against the server.</span>\n\n"}], "value": "\nVelneo vClient on its 28.1.3 version, could allow an attacker with knowledge of the victims's username and hashed password to spoof the victim's id against the server.\n\n"}], "metrics": [{"cvssV3_1": {"attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 8.7, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:N", "version": "3.1"}, "format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "problemTypes": [{"descriptions": [{"cweId": "CWE-290", "description": "CWE-290 Authentication Bypass by Spoofing", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"orgId": "0cbda920-cd7f-484a-8e76-bf7f4b7f4516", "shortName": "INCIBE", "dateUpdated": "2023-11-09T16:02:44.992Z"}, "references": [{"url": "https://www.incibe.es/en/incibe-cert/notices/aviso/velneo-vclient-improper-authentication-0"}, {"url": "https://www.velneo.com/blog/disponible-la-nueva-version-velneo-32"}, {"url": "https://doc.velneo.com/v/32/velneo/notas-de-la-version#mejoras-de-seguridad-en-validacion-de-usuario-y-contrasena"}, {"url": "https://velneo.es/mivelneo/listado-de-cambios-velneo-32/"}, {"url": "https://doc.velneo.com/v/32/velneo/notas-de-la-version#a-partir-de-esta-version-todos-los-servidores-arrancaran-con-protocolo-vatps"}, {"url": "https://doc.velneo.com/v/32/velneo-vserver/funcionalidades/protocolo-vatps"}, {"url": "https://doc.velneo.com/v/32/velneo/funcionalidades-comunes/conexion-con-velneo-vserver"}], "solutions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "\n\n<span style=\"background-color: rgb(255, 255, 255);\">This vulnerability has been fixed by Velneo team in version 32, released on 11/08/2022.</span>\n\n"}], "value": "\nThis vulnerability has been fixed by Velneo team in version 32, released on 11/08/2022.\n\n"}], "source": {"advisory": "INCIBE-2022-1017", "defect": ["INCIBE-2021-0028"], "discovery": "EXTERNAL"}, "title": "Velneo vClient improper authentication", "x_generator": {"engine": "Vulnogram 0.0.9"}}}}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:velneo:vclient:28.1.3:*:*:*:*:*:*:*", "matchCriteriaId": "2802675E-9543-403C-95FF-3CFF1FC01896", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "\nVelneo vClient on its 28.1.3 version, could allow an attacker with knowledge of the victims's username and hashed password to spoof the victim's id against the server.\n\n"}, {"lang": "es", "value": "Velneo vClient en su versi\u00f3n 28.1.3 podr\u00eda permitir que un atacante con conocimiento del nombre de usuario y la contrase\u00f1a hash de la v\u00edctima falsifique la identificaci\u00f3n de la v\u00edctima en el servidor."}], "id": "CVE-2021-45036", "lastModified": "2023-11-09T16:15:34.337", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.4, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N", "version": "3.1"}, "exploitabilityScore": 2.2, "impactScore": 5.2, "source": "nvd@nist.gov", "type": "Primary"}, {"cvssData": {"attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 8.7, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:N", "version": "3.1"}, "exploitabilityScore": 2.2, "impactScore": 5.8, "source": "cve-coordination@incibe.es", "type": "Secondary"}]}, "published": "2022-11-28T16:15:09.090", "references": [{"source": "cve-coordination@incibe.es", "tags": ["Vendor Advisory"], "url": "https://doc.velneo.com/v/32/velneo-vserver/funcionalidades/protocolo-vatps"}, {"source": "cve-coordination@incibe.es", "tags": ["Vendor Advisory"], "url": "https://doc.velneo.com/v/32/velneo/funcionalidades-comunes/conexion-con-velneo-vserver"}, {"source": "cve-coordination@incibe.es", "tags": ["Vendor Advisory"], "url": "https://doc.velneo.com/v/32/velneo/notas-de-la-version#a-partir-de-esta-version-todos-los-servidores-arrancaran-con-protocolo-vatps"}, {"source": "cve-coordination@incibe.es", "tags": ["Release Notes", "Vendor Advisory"], "url": "https://doc.velneo.com/v/32/velneo/notas-de-la-version#mejoras-de-seguridad-en-validacion-de-usuario-y-contrasena"}, {"source": "cve-coordination@incibe.es", "tags": ["Release Notes", "Vendor Advisory"], "url": "https://velneo.es/mivelneo/listado-de-cambios-velneo-32/"}, {"source": "cve-coordination@incibe.es", "url": "https://www.incibe.es/en/incibe-cert/notices/aviso/velneo-vclient-improper-authentication-0"}, {"source": "cve-coordination@incibe.es", "tags": ["Release Notes", "Vendor Advisory"], "url": "https://www.velneo.com/blog/disponible-la-nueva-version-velneo-32"}], "sourceIdentifier": "cve-coordination@incibe.es", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-287"}], "source": "nvd@nist.gov", "type": "Primary"}, {"description": [{"lang": "en", "value": "CWE-290"}], "source": "cve-coordination@incibe.es", "type": "Secondary"}]}