CVE-2021-40642

{"id": "CVE-2021-40642", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 4.3, "accessVector": "NETWORK", "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N", "authentication": "NONE", "integrityImpact": "NONE", "accessComplexity": "MEDIUM", "availabilityImpact": "NONE", "confidentialityImpact": "PARTIAL"}, "acInsufInfo": false, "impactScore": 2.9, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 8.6, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": true}], "cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 4.3, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "REQUIRED", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "LOW"}, "impactScore": 1.4, "exploitabilityScore": 2.8}]}, "published": "2022-06-29T11:15:16.533", "references": [{"url": "https://github.com/textpattern/textpattern/commit/211fab0093999f59b0b61682aa988ac7d8337aa9", "tags": ["Patch", "Third Party Advisory"], "source": "cve@mitre.org"}, {"url": "https://www.huntr.dev/bounties/aadbe434-a376-443b-876f-2a1cbab7847b/", "tags": ["Permissions Required", "Third Party Advisory"], "source": "cve@mitre.org"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-311"}]}], "descriptions": [{"lang": "en", "value": "Textpattern CMS v4.8.7 and older vulnerability exists through Sensitive Cookie in HTTPS Session Without 'Secure' Attribute via textpattern/lib/txplib_misc.php. The secure flag is not set for txp_login session cookie in the application. If the secure flag is not set, then the cookie will be transmitted in clear-text if the user visits any HTTP URLs within the cookie's scope. An attacker may be able to induce this event by feeding a user suitable links, either directly or via another web site."}, {"lang": "es", "value": "Una vulnerabilidad en Textpattern CMS versiones v4.8.7 y anteriores, se presenta mediante la cookie confidencial en la sesi\u00f3n HTTPS sin el atributo \"Secure\" por medio del archivo textpattern/lib/txplib_misc.php. El flag seguro no est\u00e1 establecida para la cookie de sesi\u00f3n txp_login en la aplicaci\u00f3n. Si el flag seguro no est\u00e1 establecido, entonces la cookie ser\u00e1 transmitida en texto sin cifrar si el usuario visita cualquier URL HTTP dentro del \u00e1mbito de la cookie. Un atacante puede ser capaz de inducir este evento al alimentar al usuario con enlaces apropiados, ya sea directamente o por medio de otro sitio web"}], "lastModified": "2023-08-08T14:21:49.707", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:textpattern:textpattern:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B0025781-915E-4449-AB85-6689A54AF9AF", "versionEndIncluding": "4.8.7"}], "operator": "OR"}]}], "sourceIdentifier": "cve@mitre.org"}