CVE-2021-4230
LOWAirfield Online - Unauthenticated Sensitive Data Exposure via MySQL Backup Handler
Title source: llmDescription
A vulnerability has been found in Airfield Online and classified as problematic. This vulnerability affects the path /backups/ of the MySQL backup handler. An attacker is able to get access to sensitive data without proper authentication. It is recommended to the change the configuration settings.
References (1)
Core 1
Core References
Third Party Advisory, VDB Entry x_refsource_misc
https://vuldb.com/?id.183172
Scores
CVSS v3
3.7
EPSS
0.0089
EPSS Percentile
54.6%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N
CISA SSVC
Vulnrichment
Exploitation
none
Automatable
no
Technical Impact
partial
Details
CWE
CWE-287
Status
published
Products (1)
airfield_online_project/airfield_online
Published
May 24, 2022
Tracked Since
Feb 18, 2026