How severe is CVE-2021-43051?

This vulnerability has a severity rating of MEDIUM with a CVSS score of 6.8 out of 10.

What type of vulnerability is CVE-2021-43051?

This is classified as NVD-CWE-Other, which is a common weakness in software security.

CVE-2021-43051

MEDIUM Year: 2021

CVSS v3 Score

6.8

Medium

CVSS v2 Score

8.5

High

Weakness Type

NVD-CWE-Other

View all →

Vulnerability Description

The Spotfire Server component of TIBCO Software Inc.'s TIBCO Spotfire Server, TIBCO Spotfire Server, and TIBCO Spotfire Server contains a difficult to exploit vulnerability that allows malicious custom API clients with network access to execute internal API operations outside of the scope of those granted to it. A successful attack using this vulnerability requires human interaction from a person other than the attacker. Affected releases are TIBCO Software Inc.'s TIBCO Spotfire Server: versions 10.10.6 and below, TIBCO Spotfire Server: versions 11.0.0, 11.1.0, 11.2.0, 11.3.0, 11.4.0, and 11.4.1, and TIBCO Spotfire Server: versions 11.5.0 and 11.6.0.

CVE-2012-1695

MEDIUM

CVSS:6.8(Medium)

Unspecified vulnerability in the Oracle JRockit component in Oracle Fusion Middleware 28.2.2 and earlier, and JDK/JRE 5 and 6 27.7.1 and earlier, allows remote attackers to affect confidentiality, int...

NVD-CWE-Other2012

CVE-2015-8262

MEDIUM

CVSS:6.8(Medium)

Buffalo WZR-600DHP2 devices with firmware 2.09, 2.13, and 2.16 use an improper algorithm for selecting the ID value in the header of a DNS query, which makes it easier for remote attackers to spoof re...

NVD-CWE-Other2015

CVE-2015-8816

MEDIUM

CVSS:6.8(Medium)

The hub_activate function in drivers/usb/core/hub.c in the Linux kernel before 4.3.5 does not properly maintain a hub-interface data structure, which allows physically proximate attackers to cause a d...

NVD-CWE-Other2015

CVE-2016-1285

MEDIUM

CVSS:6.8(Medium)

named in ISC BIND 9.x before 9.9.8-P4 and 9.10.x before 9.10.3-P4 does not properly handle DNAME records when parsing fetch reply messages, which allows remote attackers to cause a denial of service (...

NVD-CWE-Other2016

CVE-2016-5304

MEDIUM

CVSS:6.8(Medium)

Open redirect vulnerability in a report-routing component in Symantec Endpoint Protection Manager (SEPM) 12.1 before RU6 MP5 allows remote authenticated users to redirect users to arbitrary web sites ...

NVD-CWE-Other2016

CVE-2016-8318

MEDIUM

CVSS:6.8(Medium)

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Security: Encryption). Supported versions that are affected are 5.6.34 and earlier and 5.7.16 and earlier. Easily exp...

NVD-CWE-Other2016

CVE-2021-43051

Vulnerability Description

Related Vulnerabilities

CVE-2012-1695

CVE-2015-8262

CVE-2015-8816

CVE-2016-1285

CVE-2016-5304

CVE-2016-8318