Vulnerabilities > CVE-2021-37697 - Unspecified vulnerability in Tmerc-Cogs Project Tmerc-Cogs

CVSS 6.5 - MEDIUM

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

LOW

Confidentiality impact

HIGH

Integrity impact

NONE

Availability impact

NONE

network

low complexity

tmerc-cogs-project

NVD

Published: 2021-08-11

Updated: 2024-11-21

Summary

tmerc-cogs are a collection of open source plugins for the Red Discord bot. A vulnerability has been found in the code that allows any user to access sensitive information by crafting a specific membership event message. Issue is patched in commit d63c49b4cfc30c795336e4fff08cba3795e0fcc0. As a workaround users may unload the Welcome cog.

Vulnerable Configurations

Part	Description	Count
Application	Tmerc-Cogs_Project Tmerc Cogs Project Tmerc Cogs -	1

References

https://github.com/tmercswims/tmerc-cogs/commit/d63c49b4cfc30c795336e4fff08cba3795e0fcc0
https://github.com/tmercswims/tmerc-cogs/commit/d63c49b4cfc30c795336e4fff08cba3795e0fcc0
https://github.com/tmercswims/tmerc-cogs/security/advisories/GHSA-77xv-8c2x-j96j
https://github.com/tmercswims/tmerc-cogs/security/advisories/GHSA-77xv-8c2x-j96j