Vulnerabilities > CVE-2021-41586 - Server-Side Request Forgery (SSRF) vulnerability in Gradle

047910
CVSS 5.0 - MEDIUM
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
NONE
Integrity impact
PARTIAL
Availability impact
NONE
network
low complexity
gradle
CWE-918
NVD
Published: 2021-09-24
Updated: 2021-09-30

Summary

In Gradle Enterprise before 2021.1.3, an attacker with the ability to perform SSRF attacks can potentially reset the system user password.

Vulnerable Configurations

Part Description Count
Application
Gradle
1

Common Weakness Enumeration (CWE)

References