CVE-2021-34821 (GCVE-0-2021-34821)

Vulnerability from cvelistv5 – Published: 2021-07-19 17:21 – Updated: 2024-08-04 00:26
VLAI
Summary
Cross Site Scripting (XSS) vulnerability exists in AAT Novus Management System through 1.51.2. The WebUI has wrong HTTP 404 error handling implemented. A remote, unauthenticated attacker may be able to exploit the issue by sending malicious HTTP requests to non-existing URIs. The value of the URL path filename is copied into the HTML document as plain text tags.
Severity
6.1 (Medium)
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
CWE
  • n/a
Assigner
References
URL Tags
https://seclists.org/fulldisclosure/2021/Jul/20 mailing-listx_refsource_FULLDISC
Show details on NVD website
To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T00:26:54.047Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "FULLDISC: 20210709 Novus Managment System Vulnerabilities (CVE-2021-34820, CVE-2021-38421)",
            "tags": [
              "mailing-list",
              "x_refsource_FULLDISC",
              "x_transferred"
            ],
            "url": "https://seclists.org/fulldisclosure/2021/Jul/20"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "Cross Site Scripting (XSS) vulnerability exists in AAT Novus Management System through 1.51.2. The WebUI has wrong HTTP 404 error handling implemented. A remote, unauthenticated attacker may be able to exploit the issue by sending malicious HTTP requests to non-existing URIs. The value of the URL path filename is copied into the HTML document as plain text tags."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2021-07-19T17:21:28.000Z",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "FULLDISC: 20210709 Novus Managment System Vulnerabilities (CVE-2021-34820, CVE-2021-38421)",
          "tags": [
            "mailing-list",
            "x_refsource_FULLDISC"
          ],
          "url": "https://seclists.org/fulldisclosure/2021/Jul/20"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2021-34821",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Cross Site Scripting (XSS) vulnerability exists in AAT Novus Management System through 1.51.2. The WebUI has wrong HTTP 404 error handling implemented. A remote, unauthenticated attacker may be able to exploit the issue by sending malicious HTTP requests to non-existing URIs. The value of the URL path filename is copied into the HTML document as plain text tags."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "FULLDISC: 20210709 Novus Managment System Vulnerabilities (CVE-2021-34820, CVE-2021-38421)",
              "refsource": "FULLDISC",
              "url": "https://seclists.org/fulldisclosure/2021/Jul/20"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2021-34821",
    "datePublished": "2021-07-19T17:21:28.000Z",
    "dateReserved": "2021-06-17T00:00:00.000Z",
    "dateUpdated": "2024-08-04T00:26:54.047Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "epss": {
      "cve": "CVE-2021-34821",
      "date": "2026-06-04",
      "epss": "0.0053",
      "percentile": "0.67578"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2021-34821\",\"sourceIdentifier\":\"cve@mitre.org\",\"published\":\"2021-07-19T18:15:08.790\",\"lastModified\":\"2024-11-21T06:11:16.233\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Cross Site Scripting (XSS) vulnerability exists in AAT Novus Management System through 1.51.2. The WebUI has wrong HTTP 404 error handling implemented. A remote, unauthenticated attacker may be able to exploit the issue by sending malicious HTTP requests to non-existing URIs. The value of the URL path filename is copied into the HTML document as plain text tags.\"},{\"lang\":\"es\",\"value\":\"Se presenta una vulnerabilidad de tipo Cross Site Scripting (XSS) en AAT Novus Management System versiones hasta 1.51.2. El WebUI presenta implementado un manejo incorrecto del error HTTP 404. Un atacante remoto no autenticado puede ser capaz de explotar el problema mediante el env\u00edo de peticiones HTTP maliciosas a URIs inexistentes. El valor del nombre de archivo de la ruta URL es copiado en el documento HTML como etiquetas de texto plano\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N\",\"baseScore\":6.1,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"REQUIRED\",\"scope\":\"CHANGED\",\"confidentialityImpact\":\"LOW\",\"integrityImpact\":\"LOW\",\"availabilityImpact\":\"NONE\"},\"exploitabilityScore\":2.8,\"impactScore\":2.7}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:M/Au:N/C:N/I:P/A:N\",\"baseScore\":4.3,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"MEDIUM\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"PARTIAL\",\"availabilityImpact\":\"NONE\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":8.6,\"impactScore\":2.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":true}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-79\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:aat:novus_management_system:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"1.51.2\",\"matchCriteriaId\":\"BD59C1A1-FDD7-4213-9DB5-966E71097112\"}]}]}],\"references\":[{\"url\":\"https://seclists.org/fulldisclosure/2021/Jul/20\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://seclists.org/fulldisclosure/2021/Jul/20\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]}]}}"
  }
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.





Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.

Sightings

Author Source Type Date Other

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.


Detection rules are retrieved from Rulezet.