How severe is CVE-2021-1129?

This vulnerability has a severity rating of MEDIUM with a CVSS score of 5.3 out of 10.

What type of vulnerability is CVE-2021-1129?

This is classified as CWE-201, which is a common weakness in software security.

CVE-2021-1129

MEDIUM Year: 2021

CVSS v3 Score

5.3

Medium

CVSS v2 Score

5.0

Medium

Weakness Type

CWE-201

View all →

Vulnerability Description

A vulnerability in the authentication for the general purpose APIs implementation of Cisco Email Security Appliance (ESA), Cisco Content Security Management Appliance (SMA), and Cisco Web Security Appliance (WSA) could allow an unauthenticated, remote attacker to access general system information and certain configuration information from an affected device. The vulnerability exists because a secure authentication token is not required when authenticating to the general purpose API. An attacker could exploit this vulnerability by sending a crafted request for information to the general purpose API on an affected device. A successful exploit could allow the attacker to obtain system and configuration information from the affected device, resulting in an unauthorized information disclosure.

CVE-2020-25703

MEDIUM

CVSS:5.3(Medium)

The participants table download in Moodle always included user emails, but should have only done so when users' emails are not hidden. Versions affected: 3.9 to 3.9.2, 3.8 to 3.8.5 and 3.7 to 3.7.8. T...

CWE-2012020

CVE-2022-27779

MEDIUM

CVSS:5.3(Medium)

libcurl wrongly allows cookies to be set for Top Level Domains (TLDs) if thehost name is provided with a trailing dot.curl can be told to receive and send cookies. curl's "cookie engine" can bebuilt w...

CWE-2012022

CVE-2023-3102

MEDIUM

CVSS:5.3(Medium)

A sensitive information leak issue has been discovered in GitLab EE affecting all versions starting from 16.0 before 16.0.6, all versions starting from 16.1 before 16.1.1, which allows access to title...

CWE-2012023

CVE-2023-34968

MEDIUM

CVSS:5.3(Medium)

A path disclosure vulnerability was found in Samba. As part of the Spotlight protocol, Samba discloses the server-side absolute path of shares, files, and directories in the results for search queries...

CWE-2012023

CVE-2023-38013

MEDIUM

CVSS:5.3(Medium)

IBM Cloud Pak System 2.3.3.0, 2.3.3.3, 2.3.3.3 iFix1, 2.3.3.4, 2.3.3.5, 2.3.3.6, 2.3.3.6 iFix1, 2.3.3.6 iFix2, 2.3.3.7, and 2.3.3.7 iFix1 could disclose sensitive information in HTTP responses that co...

CWE-2012023

CVE-2023-3949

MEDIUM

CVSS:5.3(Medium)

An issue has been discovered in GitLab affecting all versions starting from 11.3 before 16.4.3, all versions starting from 16.5 before 16.5.3, all versions starting from 16.6 before 16.6.1. It was pos...

CWE-2012023

CVE-2021-1129

Vulnerability Description

Related Vulnerabilities

CVE-2020-25703

CVE-2022-27779

CVE-2023-3102

CVE-2023-34968

CVE-2023-38013

CVE-2023-3949