CVE-2021-44862 - OpenCVE

Netskope client is impacted by a vulnerability where an authenticated, local attacker can view sensitive information stored in NSClient logs which should be restricted. The vulnerability exists because the sensitive information is not masked/scrubbed before writing in the logs. A malicious user can use the sensitive information to download data and impersonate another user.

No CVSS v4.0

Attack Vector Local

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Netskope	Netskope

Configuration 1 [-]

cpe:2.3:a:netskope:netskope:*:*:*:*:*:*:*:*

No data.

References

Link	Providers
https://www.netskope.com/company/security-compliance-and-assurance/security-advisories-and-disclosures/netskope-security-advisory-nskpsa-2022-001

History

No history.

MITRE

Status: PUBLISHED

Assigner: Netskope

Published: 2022-11-03T19:20:41.897871Z

Updated: 2024-08-04T04:32:13.203Z

Reserved: 2021-12-13T00:00:00

Link: CVE-2021-44862

Vulnrichment

No data.

NVD

Status : Modified

Published: 2022-11-03T20:15:24.700

Modified: 2023-10-25T18:16:53.973

Link: CVE-2021-44862

Redhat

No data.

{"containers": {"cna": {"affected": [{"defaultStatus": "unaffected", "product": "NSClient", "vendor": "Netskope", "versions": [{"status": "affected", "version": "91.0 and Prior"}]}], "credits": [{"lang": "en", "type": "finder", "user": "00000000-0000-4000-9000-000000000000", "value": "Netskope credits Ben O\u2019Dea and Josh Wilson from IAG Australia for reporting this vulnerability."}], "datePublic": "2022-10-27T08:52:00.000Z", "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "<span style=\"background-color: rgb(255, 255, 255);\">Netskope client is impacted by a vulnerability where an authenticated, local attacker can view sensitive information stored in NSClient logs which should be restricted. The vulnerability exists because the sensitive information is not masked/scrubbed before writing in the logs. A malicious user can use the sensitive information to download data and impersonate another user.</span><br>"}], "value": "Netskope client is impacted by a vulnerability where an authenticated, local attacker can view sensitive information stored in NSClient logs which should be restricted. The vulnerability exists because the sensitive information is not masked/scrubbed before writing in the logs. A malicious user can use the sensitive information to download data and impersonate another user.\n"}], "impacts": [{"capecId": "CAPEC-194", "descriptions": [{"lang": "en", "value": "CAPEC-194 Fake the Source of Data"}]}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 8.4, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "problemTypes": [{"descriptions": [{"cweId": "CWE-532", "description": "CWE-532 Insertion of Sensitive Information into Log File", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"orgId": "bf992f6a-e49d-4e94-9479-c4cff32c62bc", "shortName": "Netskope", "dateUpdated": "2023-10-24T08:06:52.394Z"}, "references": [{"name": "https://www.netskope.com/company/security-compliance-and-assurance/security-advisories-and-disclosures/netskope-security-advisory-nskpsa-2022-001", "url": "https://www.netskope.com/company/security-compliance-and-assurance/security-advisories-and-disclosures/netskope-security-advisory-nskpsa-2022-001"}], "solutions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "Upgrade to the latest version available."}], "value": "Upgrade to the latest version available."}], "source": {"advisory": "NSKPSA-2022-001", "discovery": "EXTERNAL"}, "title": "Sensitive Information store in NSClient logs", "x_generator": {"engine": "Vulnogram 0.1.0-dev"}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-04T04:32:13.203Z"}, "title": "CVE Program Container", "references": [{"name": "https://www.netskope.com/company/security-compliance-and-assurance/security-advisories-and-disclosures/netskope-security-advisory-nskpsa-2022-001", "url": "https://www.netskope.com/company/security-compliance-and-assurance/security-advisories-and-disclosures/netskope-security-advisory-nskpsa-2022-001", "tags": ["x_transferred"]}]}]}, "cveMetadata": {"assignerOrgId": "bf992f6a-e49d-4e94-9479-c4cff32c62bc", "cveId": "CVE-2021-44862", "serial": 1, "state": "PUBLISHED", "dateUpdated": "2024-08-04T04:32:13.203Z", "dateReserved": "2021-12-13T00:00:00", "datePublished": "2022-11-03T19:20:41.897871Z", "assignerShortName": "Netskope"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:netskope:netskope:*:*:*:*:*:*:*:*", "matchCriteriaId": "241FE3BF-2CC0-4B8E-96C9-67C75ED2D576", "versionEndIncluding": "91", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Netskope client is impacted by a vulnerability where an authenticated, local attacker can view sensitive information stored in NSClient logs which should be restricted. The vulnerability exists because the sensitive information is not masked/scrubbed before writing in the logs. A malicious user can use the sensitive information to download data and impersonate another user.\n"}, {"lang": "es", "value": "El cliente Netskope se ve afectado por una vulnerabilidad en la que un atacante local autenticado puede ver informaci\u00f3n confidencial almacenada en registros de NSClient que deber\u00eda estar restringida. La vulnerabilidad existe porque la informaci\u00f3n confidencial no se enmascara ni se elimina antes de escribirla en los registros. Un usuario malintencionado puede utilizar la informaci\u00f3n confidencial para descargar datos y hacerse pasar por otro usuario."}], "id": "CVE-2021-44862", "lastModified": "2023-10-25T18:16:53.973", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 8.4, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 2.5, "impactScore": 5.9, "source": "psirt@netskope.com", "type": "Secondary"}]}, "published": "2022-11-03T20:15:24.700", "references": [{"source": "psirt@netskope.com", "tags": ["Vendor Advisory"], "url": "https://www.netskope.com/company/security-compliance-and-assurance/security-advisories-and-disclosures/netskope-security-advisory-nskpsa-2022-001"}], "sourceIdentifier": "psirt@netskope.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-532"}], "source": "nvd@nist.gov", "type": "Primary"}, {"description": [{"lang": "en", "value": "CWE-532"}], "source": "psirt@netskope.com", "type": "Secondary"}]}