7.5
CVSSv3

CVE-2021-3127

Published: 16/03/2021 Updated: 12/07/2022
CVSS v2 Base Score: 5 | Impact Score: 2.9 | Exploitability Score: 10
CVSS v3 Base Score: 7.5 | Impact Score: 3.6 | Exploitability Score: 3.9
VMScore: 445
Vector: AV:N/AC:L/Au:N/C:P/I:N/A:N

Vulnerability Summary

NATS Server 2.x prior to 2.2.0 and JWT library prior to 2.0.1 have Incorrect Access Control because Import Token bindings are mishandled.

Vulnerable Product

nats jwt library

nats nats server

Vendor Advisories

NATS Server 2.x before 2.2.0 and JWT library before 2.0.1 have Incorrect Access Control because Import Token bindings are mishandled ...

Mailing Lists

[moderators: my apologies for the initial unsigned message, please discard that one and permit this one] Folks, Two new CVEs for the NATS project for issues fixed with the 2.2.0 release. The full text of the advisories should be attached. These, and other advisories, can be found at <advisories.nats.io/> * CVE-2020-28466 + i ...
Folks, Two new CVEs for the NATS project for issues fixed with the 2.2.0 release. The full text of the advisories should be attached. These, and other advisories, can be found at <advisories.nats.io/> * CVE-2020-28466 + import loops between accounts, expressed in the account JWT, could DoS the server + this was fixed i ...