Vulnerabilities > CVE-2021-22853 - Unspecified vulnerability in HR Portal Project HR Portal 7.3.2020.1013

CVSS 5.4 - MEDIUM

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

LOW

Confidentiality impact

LOW

Integrity impact

NONE

Availability impact

LOW

network

low complexity

hr-portal-project

NVD

Published: 2021-02-17

Updated: 2023-11-07

Summary

The HR Portal of Soar Cloud System fails to manage access control. While obtaining user ID, remote attackers can access sensitive data via a specific data packet, such as user’s login information, further causing the login function not to work.

Vulnerable Configurations

Part	Description	Count
Application	Hr_Portal_Project HR Portal Project HR Portal 7.3.2020.1013	1

References

https://www.twcert.org.tw/tw/cp-132-4403-8eb68-1.html
https://www.chtsecurity.com/news/d334641f-2b28-4eab-a5ed-c6ec6740557e