Vulnerabilities > CVE-2021-46250 - Unspecified vulnerability in Scratchoauth2 Project Scratchoauth2

047910
CVSS 7.5 - HIGH
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
PARTIAL
Integrity impact
PARTIAL
Availability impact
PARTIAL
network
low complexity
scratchoauth2-project

Summary

An issue in SOA2Login::commented of ScratchOAuth2 before commit a91879bd58fa83b09283c0708a1864cdf067c64a allows attackers to authenticate as other users on downstream components that rely on ScratchOAuth2.

Vulnerable Configurations

Part Description Count
Application
Scratchoauth2_Project
1