CVE-2021-32937

CWE-209: GENERATION OF ERROR MESSAGE CONTAINING SENSITIVE INFORMATION:
An attacker can gain knowledge of a session temporary working folder where the getfile and putfile commands are used. An attacker can leverage this knowledge to provide a malicious command to the working directory where the read and write activity can be initiated.

Risk Information

  • CVE ID
  • CVE-2021-32937
  • Vendor
  • MDT Software
  • Product
  • AutoSave
  • CVSS v3
  • 7.5