CVE-2021-32937
CWE-209: GENERATION OF ERROR MESSAGE CONTAINING SENSITIVE INFORMATION:
An attacker can gain knowledge of a session temporary working folder where the getfile and putfile commands are used. An attacker can leverage this knowledge to provide a malicious command to the working directory where the read and write activity can be initiated.
Risk Information
- CVE ID
- CVE-2021-32937
- Vendor
- MDT Software
- Product
- AutoSave
- CVSS v3
- 7.5