Description
The Web server in 1C:Enterprise 8 before 8.3.17.1851 sends base64 encoded credentials in the creds URL parameter.
Analysis
No analysis available yet.
Default status is the baseline for the product, each version can override it (e.g. patched versions marked unaffected).
| Vendor | Product | Default status | Versions | ||||||
|---|---|---|---|---|---|---|---|---|---|
| n/a | n/a | affected |
|
No data.
No data available yet.
Remediation
No remediation available yet.
Tracking
Sign in to view the affected projects.
Advisories
| Source | ID | Title |
|---|---|---|
 EUVD |
EUVD-2021-26479 | The Web server in 1C:Enterprise 8 before 8.3.17.1851 sends base64 encoded credentials in the creds URL parameter. |
References
| Link | Providers |
|---|---|
| https://github.com/jet-pentest/CVE-2021-3131 |
|
History
No history.
MITRE
Status: PUBLISHED
Assigner: mitre
Published:
Updated: 2024-08-03T16:45:51.262Z
Reserved: 2021-01-12T00:00:00.000Z
Link: CVE-2021-3131
Vulnrichment
No data.
NVD
Status : Modified
Published: 2021-01-13T16:15:14.553
Modified: 2024-11-21T06:20:57.560
Link: CVE-2021-3131
Redhat
No data.
OpenCVE Enrichment
No data.
Weaknesses