CVE-2021-45379
HIGH8.8EPSS 0.30%Published: 12/30/2021Modified: 4/28/2026
Description
Glewlwyd 2.0.0, fixed in 2.6.1 is affected by an incorrect access control vulnerability. One user can attempt to log in as another user without its password.
Affected packages (1)
- Debian/glewlwydfrom 0, < 2.5.2-2+deb11u2
CVSS scores
| Source | Version | Severity | Vector |
|---|---|---|---|
| osv | CVSS 3.1 | HIGH8.8 | CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |