cve-2021-33322
Vulnerability from cvelistv5
Published
2021-08-03 18:29
Modified
2024-08-03 23:50
Severity ?
EPSS score ?
Summary
In Liferay Portal 7.3.0 and earlier, and Liferay DXP 7.0 before fix pack 96, 7.1 before fix pack 18, and 7.2 before fix pack 5, password reset tokens are not invalidated after a user changes their password, which allows remote attackers to change the user’s password via the old password reset token.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | https://issues.liferay.com/browse/LPE-16981 | Patch, Vendor Advisory | |
| cve@mitre.org | https://portal.liferay.dev/learn/security/known-vulnerabilities/-/asset_publisher/HbL5mxmVrnXW/content/id/120748020 | Release Notes, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://issues.liferay.com/browse/LPE-16981 | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://portal.liferay.dev/learn/security/known-vulnerabilities/-/asset_publisher/HbL5mxmVrnXW/content/id/120748020 | Release Notes, Vendor Advisory |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T23:50:42.319Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://portal.liferay.dev/learn/security/known-vulnerabilities/-/asset_publisher/HbL5mxmVrnXW/content/id/120748020"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://issues.liferay.com/browse/LPE-16981"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In Liferay Portal 7.3.0 and earlier, and Liferay DXP 7.0 before fix pack 96, 7.1 before fix pack 18, and 7.2 before fix pack 5, password reset tokens are not invalidated after a user changes their password, which allows remote attackers to change the user\u2019s password via the old password reset token."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-08-03T18:29:17",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://portal.liferay.dev/learn/security/known-vulnerabilities/-/asset_publisher/HbL5mxmVrnXW/content/id/120748020"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://issues.liferay.com/browse/LPE-16981"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2021-33322",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "In Liferay Portal 7.3.0 and earlier, and Liferay DXP 7.0 before fix pack 96, 7.1 before fix pack 18, and 7.2 before fix pack 5, password reset tokens are not invalidated after a user changes their password, which allows remote attackers to change the user\u2019s password via the old password reset token."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://portal.liferay.dev/learn/security/known-vulnerabilities/-/asset_publisher/HbL5mxmVrnXW/content/id/120748020",
"refsource": "CONFIRM",
"url": "https://portal.liferay.dev/learn/security/known-vulnerabilities/-/asset_publisher/HbL5mxmVrnXW/content/id/120748020"
},
{
"name": "https://issues.liferay.com/browse/LPE-16981",
"refsource": "CONFIRM",
"url": "https://issues.liferay.com/browse/LPE-16981"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2021-33322",
"datePublished": "2021-08-03T18:29:17",
"dateReserved": "2021-05-20T00:00:00",
"dateUpdated": "2024-08-03T23:50:42.319Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"meta": {
"nvd": "{\"cve\":{\"id\":\"CVE-2021-33322\",\"sourceIdentifier\":\"cve@mitre.org\",\"published\":\"2021-08-03T19:15:08.623\",\"lastModified\":\"2024-11-21T06:08:41.217\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"In Liferay Portal 7.3.0 and earlier, and Liferay DXP 7.0 before fix pack 96, 7.1 before fix pack 18, and 7.2 before fix pack 5, password reset tokens are not invalidated after a user changes their password, which allows remote attackers to change the user\u2019s password via the old password reset token.\"},{\"lang\":\"es\",\"value\":\"En Liferay Portal versiones 7.3.0 y anteriores, y Liferay DXP versiones 7.0 anteriores a fix pack 96, versiones 7.1 anteriores a fix pack 18, y versiones 7.2 anteriores a fix pack 5, los tokens de restablecimiento de contrase\u00f1a no son invalidados despu\u00e9s de que un usuario cambie su contrase\u00f1a, lo que permite a atacantes remotos cambiar la contrase\u00f1a del usuario por medio del antiguo token de restablecimiento de contrase\u00f1a\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N\",\"baseScore\":7.5,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"NONE\"},\"exploitabilityScore\":3.9,\"impactScore\":3.6}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:L/Au:N/C:N/I:P/A:N\",\"baseScore\":5.0,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"PARTIAL\",\"availabilityImpact\":\"NONE\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":10.0,\"impactScore\":2.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-613\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:liferay:dxp:7.0:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"43A92274-7D88-4F0F-8265-CF862011F27F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:liferay:dxp:7.0:fix_pack_13:*:*:*:*:*:*\",\"matchCriteriaId\":\"4874012D-52AA-4C32-95E9-BD331225B4E6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:liferay:dxp:7.0:fix_pack_14:*:*:*:*:*:*\",\"matchCriteriaId\":\"21CAF86F-CEC9-44EE-BAF8-0F7AF9D945F5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:liferay:dxp:7.0:fix_pack_24:*:*:*:*:*:*\",\"matchCriteriaId\":\"EF6C9F29-EEFF-4737-BD50-58572D6C14E9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:liferay:dxp:7.0:fix_pack_25:*:*:*:*:*:*\",\"matchCriteriaId\":\"D24E1FA0-BD94-4AFC-92BF-AEDEBC7DCF4B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:liferay:dxp:7.0:fix_pack_26:*:*:*:*:*:*\",\"matchCriteriaId\":\"FF9B54EE-973B-44B4-8EA2-B58FA49AC561\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:liferay:dxp:7.0:fix_pack_27:*:*:*:*:*:*\",\"matchCriteriaId\":\"A9637223-557D-474B-A46B-D276866376C3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:liferay:dxp:7.0:fix_pack_28:*:*:*:*:*:*\",\"matchCriteriaId\":\"F6306F9C-99DE-4F94-8E7F-6747762BEC45\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:liferay:dxp:7.0:fix_pack_3\\\\+:*:*:*:*:*:*\",\"matchCriteriaId\":\"2DFF08F0-77C1-43A0-B7DD-9B905BE074EB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:liferay:dxp:7.0:fix_pack_30:*:*:*:*:*:*\",\"matchCriteriaId\":\"48B7015C-26B9-453E-B3CF-9B220D3A8024\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:liferay:dxp:7.0:fix_pack_33:*:*:*:*:*:*\",\"matchCriteriaId\":\"0FEB6921-3C45-4B7E-8B34-CDC34984583D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:liferay:dxp:7.0:fix_pack_35:*:*:*:*:*:*\",\"matchCriteriaId\":\"525F45DC-2E5C-46A8-AEDF-9D6B8FA2EB11\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:liferay:dxp:7.0:fix_pack_36:*:*:*:*:*:*\",\"matchCriteriaId\":\"55755D0C-4C0C-42D9-BE5E-5D33C8BA4C7F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:liferay:dxp:7.0:fix_pack_39:*:*:*:*:*:*\",\"matchCriteriaId\":\"FB4FE0F9-EB19-45D7-A953-674629D951F5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:liferay:dxp:7.0:fix_pack_40:*:*:*:*:*:*\",\"matchCriteriaId\":\"22E4B63F-01A9-4F85-92BC-A51F41BE4121\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:liferay:dxp:7.0:fix_pack_41:*:*:*:*:*:*\",\"matchCriteriaId\":\"23BE441D-8770-4F4D-86CD-4E53161F54FB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:liferay:dxp:7.0:fix_pack_42:*:*:*:*:*:*\",\"matchCriteriaId\":\"E14FF010-3907-4C79-B945-C792E446CB31\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:liferay:dxp:7.0:fix_pack_43:*:*:*:*:*:*\",\"matchCriteriaId\":\"B97B5817-B55E-485D-9747-3A50CF7245C8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:liferay:dxp:7.0:fix_pack_44:*:*:*:*:*:*\",\"matchCriteriaId\":\"19EBD671-56BD-45D3-9248-DAF3F47B36FD\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:liferay:dxp:7.0:fix_pack_45:*:*:*:*:*:*\",\"matchCriteriaId\":\"93EDC2A1-9622-44DB-ABA8-754D61B60787\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:liferay:dxp:7.0:fix_pack_46:*:*:*:*:*:*\",\"matchCriteriaId\":\"B4B6A06D-C323-431C-9A65-4FD6A6E4CAB6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:liferay:dxp:7.0:fix_pack_47:*:*:*:*:*:*\",\"matchCriteriaId\":\"EE6D4466-1C3A-4D5A-A65C-A30A87EADF1A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:liferay:dxp:7.0:fix_pack_48:*:*:*:*:*:*\",\"matchCriteriaId\":\"4F0BC40A-8E13-4665-A2E4-F5815CA70E17\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:liferay:dxp:7.0:fix_pack_49:*:*:*:*:*:*\",\"matchCriteriaId\":\"11FB69C3-7755-495A-AB76-201AF4D9623B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:liferay:dxp:7.0:fix_pack_50:*:*:*:*:*:*\",\"matchCriteriaId\":\"FF66F652-6C08-4D47-865D-36E70360B632\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:liferay:dxp:7.0:fix_pack_51:*:*:*:*:*:*\",\"matchCriteriaId\":\"17B68D59-0509-4C6A-B803-03A02EB76F1F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:liferay:dxp:7.0:fix_pack_52:*:*:*:*:*:*\",\"matchCriteriaId\":\"8F69B287-3B86-4B64-BCB4-40E9495A628D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:liferay:dxp:7.0:fix_pack_53:*:*:*:*:*:*\",\"matchCriteriaId\":\"C627090E-A1BF-4332-9538-EE4E184DB65E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:liferay:dxp:7.0:fix_pack_54:*:*:*:*:*:*\",\"matchCriteriaId\":\"9A089471-9944-4C75-A25F-1F23C18C0CF0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:liferay:dxp:7.0:fix_pack_56:*:*:*:*:*:*\",\"matchCriteriaId\":\"B90E7FBF-6B5B-457A-8B20-ECA69A626BB8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:liferay:dxp:7.0:fix_pack_57:*:*:*:*:*:*\",\"matchCriteriaId\":\"1975C1AB-EF50-42E2-9879-17FB763B45F9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:liferay:dxp:7.0:fix_pack_58:*:*:*:*:*:*\",\"matchCriteriaId\":\"DFB7BB13-773B-47A6-A001-B9EBA46C917E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:liferay:dxp:7.0:fix_pack_59:*:*:*:*:*:*\",\"matchCriteriaId\":\"1C4A2D39-3725-4E80-9F3F-AC1F4EE662E8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:liferay:dxp:7.0:fix_pack_60:*:*:*:*:*:*\",\"matchCriteriaId\":\"BAEDF88B-B9C8-4891-B199-A72C066FC7BF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:liferay:dxp:7.0:fix_pack_61:*:*:*:*:*:*\",\"matchCriteriaId\":\"F768E1DD-3DC6-4783-82DE-D089C7CD3C63\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:liferay:dxp:7.0:fix_pack_64:*:*:*:*:*:*\",\"matchCriteriaId\":\"426EDA92-FE5A-4523-8AAE-1E5D5D67F535\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:liferay:dxp:7.0:fix_pack_65:*:*:*:*:*:*\",\"matchCriteriaId\":\"070CB609-6D4B-4817-9F91-00BD62423E56\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:liferay:dxp:7.0:fix_pack_66:*:*:*:*:*:*\",\"matchCriteriaId\":\"FEE87846-A4CF-47E5-93AA-5D7E2548D28D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:liferay:dxp:7.0:fix_pack_67:*:*:*:*:*:*\",\"matchCriteriaId\":\"A4C11B0E-6D94-4A65-83BE-1E5828710CB9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:liferay:dxp:7.0:fix_pack_68:*:*:*:*:*:*\",\"matchCriteriaId\":\"F1DC73B1-4017-424F-A28D-F54F2FA8ED8C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:liferay:dxp:7.0:fix_pack_69:*:*:*:*:*:*\",\"matchCriteriaId\":\"32B4FD3C-7BB7-4DA2-9A3A-05A6370B9745\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:liferay:dxp:7.0:fix_pack_70:*:*:*:*:*:*\",\"matchCriteriaId\":\"71293E5B-4DCC-47BC-A493-3540D57E6067\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:liferay:dxp:7.0:fix_pack_71:*:*:*:*:*:*\",\"matchCriteriaId\":\"56A8940B-318E-4C6A-9131-A50E90E82C28\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:liferay:dxp:7.0:fix_pack_72:*:*:*:*:*:*\",\"matchCriteriaId\":\"F09B5E82-DC18-4B07-9A05-E433579B4FB5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:liferay:dxp:7.0:fix_pack_73:*:*:*:*:*:*\",\"matchCriteriaId\":\"CE25D189-2D6F-4229-BF09-2CEA0A6C5D50\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:liferay:dxp:7.0:fix_pack_75:*:*:*:*:*:*\",\"matchCriteriaId\":\"36549BE5-DEDB-408A-BFC9-AB00031D45DD\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:liferay:dxp:7.0:fix_pack_76:*:*:*:*:*:*\",\"matchCriteriaId\":\"E11B8075-4212-41CB-85AC-09FA1CDB86A1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:liferay:dxp:7.0:fix_pack_78:*:*:*:*:*:*\",\"matchCriteriaId\":\"80412DCE-D79F-492A-8788-6A43C4D76D7C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:liferay:dxp:7.0:fix_pack_79:*:*:*:*:*:*\",\"matchCriteriaId\":\"BC7A939F-21D1-4AF1-BAB9-E91DFCFFB7A2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:liferay:dxp:7.0:fix_pack_80:*:*:*:*:*:*\",\"matchCriteriaId\":\"5F2240FC-EDDC-47F5-B713-07FF2D23CE00\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:liferay:dxp:7.0:fix_pack_81:*:*:*:*:*:*\",\"matchCriteriaId\":\"5006AAE4-B154-468A-850C-20171965E2AC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:liferay:dxp:7.0:fix_pack_82:*:*:*:*:*:*\",\"matchCriteriaId\":\"1541072D-3F14-47A2-8A42-EF2765643AE4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:liferay:dxp:7.0:fix_pack_83:*:*:*:*:*:*\",\"matchCriteriaId\":\"2340C85F-0296-4591-8D23-56634C50C5F8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:liferay:dxp:7.0:fix_pack_84:*:*:*:*:*:*\",\"matchCriteriaId\":\"6BEC3C5C-DA8C-4620-A38E-BB47D4CB7CBA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:liferay:dxp:7.0:fix_pack_85:*:*:*:*:*:*\",\"matchCriteriaId\":\"6DD38B1F-7EEA-4DB5-A31B-D84DC33313FA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:liferay:dxp:7.0:fix_pack_86:*:*:*:*:*:*\",\"matchCriteriaId\":\"FC923A9E-CF9D-44DE-AB58-7BCAAFDDE7D6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:liferay:dxp:7.0:fix_pack_87:*:*:*:*:*:*\",\"matchCriteriaId\":\"65542031-04E1-485F-8102-04CB65865ECE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:liferay:dxp:7.0:fix_pack_88:*:*:*:*:*:*\",\"matchCriteriaId\":\"B36F2FBD-E949-4608-9ECF-0F05DD8E487E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:liferay:dxp:7.0:fix_pack_89:*:*:*:*:*:*\",\"matchCriteriaId\":\"D68832F1-6D71-4A63-AA8A-86C0EDF9F8E1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:liferay:dxp:7.0:fix_pack_90:*:*:*:*:*:*\",\"matchCriteriaId\":\"FD1F579A-084C-46A9-ADCA-8F3FA45D85D6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:liferay:dxp:7.0:fix_pack_91:*:*:*:*:*:*\",\"matchCriteriaId\":\"FC81C494-F68E-4580-87FB-7792C1080DFC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:liferay:dxp:7.0:fix_pack_92:*:*:*:*:*:*\",\"matchCriteriaId\":\"6693594D-6731-4223-8C28-4873746B97AB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:liferay:dxp:7.0:fix_pack_93:*:*:*:*:*:*\",\"matchCriteriaId\":\"0B96CDC5-F4DE-49A2-B09D-318163EC9A09\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:liferay:dxp:7.0:fix_pack_94:*:*:*:*:*:*\",\"matchCriteriaId\":\"EEAE13AF-DEEE-4284-A93D-EFE2647E12FB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:liferay:dxp:7.0:fix_pack_95:*:*:*:*:*:*\",\"matchCriteriaId\":\"9EEADDC3-C436-452F-9271-8F30A9D03FE6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:liferay:dxp:7.1:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"C2AA7E18-A41B-4F0D-A04F-57C5745D091B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:liferay:dxp:7.1:fix_pack_1:*:*:*:*:*:*\",\"matchCriteriaId\":\"392B783D-620D-4C71-AAA0-848B16964A27\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:liferay:dxp:7.1:fix_pack_10:*:*:*:*:*:*\",\"matchCriteriaId\":\"4F5A94E2-22B7-4D2D-A491-29F395E727C5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:liferay:dxp:7.1:fix_pack_11:*:*:*:*:*:*\",\"matchCriteriaId\":\"E9B10908-C42B-4763-9D47-236506B0E84A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:liferay:dxp:7.1:fix_pack_12:*:*:*:*:*:*\",\"matchCriteriaId\":\"CF544435-36AC-49B8-BA50-A6B6D1678BBC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:liferay:dxp:7.1:fix_pack_13:*:*:*:*:*:*\",\"matchCriteriaId\":\"9D265542-5333-4CCD-90E5-B5F6A55F9863\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:liferay:dxp:7.1:fix_pack_14:*:*:*:*:*:*\",\"matchCriteriaId\":\"1763CD8B-3ACD-4617-A1CA-B9F77A074977\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:liferay:dxp:7.1:fix_pack_15:*:*:*:*:*:*\",\"matchCriteriaId\":\"F25C66AA-B60D-413C-A848-51E12D6080AC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:liferay:dxp:7.1:fix_pack_16:*:*:*:*:*:*\",\"matchCriteriaId\":\"071A0D53-EC95-4B18-9FA3-55208B1F7B94\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:liferay:dxp:7.1:fix_pack_17:*:*:*:*:*:*\",\"matchCriteriaId\":\"CC26A9D4-14D6-46B1-BB00-A2C4386EBCA4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:liferay:dxp:7.1:fix_pack_18:*:*:*:*:*:*\",\"matchCriteriaId\":\"350CDEDA-9A20-4BC3-BEAE-8346CED10CD6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:liferay:dxp:7.1:fix_pack_2:*:*:*:*:*:*\",\"matchCriteriaId\":\"3233D306-3F8E-40A4-B132-7264E63DD131\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:liferay:dxp:7.1:fix_pack_3:*:*:*:*:*:*\",\"matchCriteriaId\":\"9EAEA45A-0370-475E-B4CB-395A434DC3A1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:liferay:dxp:7.1:fix_pack_4:*:*:*:*:*:*\",\"matchCriteriaId\":\"39310F05-1DB6-43BA-811C-9CB91D6DCF20\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:liferay:dxp:7.1:fix_pack_5:*:*:*:*:*:*\",\"matchCriteriaId\":\"D6135B16-C89E-4F49-BA15-823E2AF26D68\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:liferay:dxp:7.1:fix_pack_6:*:*:*:*:*:*\",\"matchCriteriaId\":\"CC887BEC-915B-44AC-B473-5448B3D8DCF7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:liferay:dxp:7.1:fix_pack_7:*:*:*:*:*:*\",\"matchCriteriaId\":\"D7A7CC60-C294-41EC-B000-D15AAA93A3D5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:liferay:dxp:7.1:fix_pack_8:*:*:*:*:*:*\",\"matchCriteriaId\":\"022132F8-6E56-4A29-95D6-3B7861D39CDF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:liferay:dxp:7.1:fix_pack_9:*:*:*:*:*:*\",\"matchCriteriaId\":\"651DA9B7-9C11-47A7-AF5C-95625C8FFF6A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:liferay:dxp:7.2:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"8CAAE1B7-982E-4D50-9651-DEEE6CD74EED\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:liferay:dxp:7.2:fix_pack_1:*:*:*:*:*:*\",\"matchCriteriaId\":\"AFCF99EC-3384-418D-A419-B9DB607BE371\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:liferay:dxp:7.2:fix_pack_2:*:*:*:*:*:*\",\"matchCriteriaId\":\"31E05134-A0C5-4937-A228-7D0884276B67\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:liferay:dxp:7.2:fix_pack_3:*:*:*:*:*:*\",\"matchCriteriaId\":\"3F06C4AD-FD20-4345-8386-0895312F0A00\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:liferay:dxp:7.2:fix_pack_4:*:*:*:*:*:*\",\"matchCriteriaId\":\"98CC25E2-EC3D-43A2-8D03-06F0E804EA63\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:liferay:liferay_portal:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"7.3.1\",\"matchCriteriaId\":\"73CDC2CC-EE82-4010-88E5-EDC175DA4D47\"}]}]}],\"references\":[{\"url\":\"https://issues.liferay.com/browse/LPE-16981\",\"source\":\"cve@mitre.org\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"https://portal.liferay.dev/learn/security/known-vulnerabilities/-/asset_publisher/HbL5mxmVrnXW/content/id/120748020\",\"source\":\"cve@mitre.org\",\"tags\":[\"Release Notes\",\"Vendor Advisory\"]},{\"url\":\"https://issues.liferay.com/browse/LPE-16981\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"https://portal.liferay.dev/learn/security/known-vulnerabilities/-/asset_publisher/HbL5mxmVrnXW/content/id/120748020\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Release Notes\",\"Vendor Advisory\"]}]}}"
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.