Vulnerabilities > CVE-2021-41033 - Unspecified vulnerability in Eclipse Equinox 4.21
Attack vector
NETWORK Attack complexity
MEDIUM Privileges required
NONE Confidentiality impact
PARTIAL Integrity impact
PARTIAL Availability impact
PARTIAL network
eclipse
Summary
In all released versions of Eclipse Equinox, at least until version 4.21 (September 2021), installation can be vulnerable to man-in-the-middle attack if using p2 repos that are HTTP; that can then be exploited to serve incorrect p2 metadata and entirely alter the local installation, particularly by installing plug-ins that may then run malicious code.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 2 |