NATS Server 2.x before 2.2.0 and JWT library before 2.0.1 have Incorrect Access Control because Import Token bindings are mishandled.
References
Link | Resource |
---|---|
https://advisories.nats.io/CVE/CVE-2021-3127.txt | Exploit Vendor Advisory |
Configurations
Configuration 1 (hide)
|
History
12 Jul 2022, 17:42
Type | Values Removed | Values Added |
---|---|---|
CWE | CWE-755 |
23 Mar 2021, 14:04
Type | Values Removed | Values Added |
---|---|---|
References | (MISC) https://advisories.nats.io/CVE/CVE-2021-3127.txt - Exploit, Vendor Advisory | |
CVSS |
v2 : v3 : |
v2 : 5.0
v3 : 7.5 |
CPE | cpe:2.3:a:nats:jwt_library:*:*:*:*:*:*:*:* cpe:2.3:a:nats:nats_server:*:*:*:*:*:*:*:* |
|
CWE | CWE-863 |
16 Mar 2021, 20:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2021-03-16 20:15
Updated : 2023-12-10 13:41
NVD link : CVE-2021-3127
Mitre link : CVE-2021-3127
CVE.ORG link : CVE-2021-3127
JSON object : View
Products Affected
nats
- jwt_library
- nats_server
CWE
CWE-755
Improper Handling of Exceptional Conditions