How severe is CVE-2021-27786?

CVE-2021-27786 has a CVSS v3 score of 4.6 (MEDIUM).

CVE-2021-27786

Name: onetest_server
Author: hcltech

4.6MEDIUM

Cross-origin resource sharing (CORS) enables browsers to perform cross domain requests in a controlled manner. This request has an Origin header that identifies the domain that is making the initial r

Veröffentlicht: 6/9/2022Aktualisiert: 11/21/2024

Beschreibung

Cross-origin resource sharing (CORS) enables browsers to perform cross domain requests in a controlled manner. This request has an Origin header that identifies the domain that is making the initial request and defines the protocol between a browser and server to see if the request is allowed. An attacker can take advantage of this and possibly carry out privileged actions and access sensitive information when the Access-Control-Allow-Credentials is enabled.

KI-AnalyseKI-gestützt

Betroffene Produkte

hcltechonetest_server

10.0

hcltechonetest_server

10.1

hcltechonetest_server

10.2

Referenzen

https://support.hcltechsw.com/csm?id=kb_article&sysparm_article=KB0098603
Vendor Advisory
https://support.hcltechsw.com/csm?id=kb_article&sysparm_article=KB0098603
Vendor Advisory