CVE-2021-2322

See a problem?
Please try reporting it to the source first.

Source

https://cve.org/CVERecord?id=CVE-2021-2322

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2021-2322.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2021-2322

Published

2021-06-23T23:15:07.713Z

Modified

2026-03-14T10:46:45.840034Z

Severity

8.8 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H CVSS Calculator

Summary

[none]

Details

Vulnerability in OpenGrok (component: Web App). Versions that are affected are 1.6.7 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via HTTPS to compromise OpenGrok. Successful attacks of this vulnerability can result in takeover of OpenGrok. CVSS 3.1 Base Score 8.8 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H).

References

https://www.oracle.com/security-alerts/oracle-open-source-cves-outside-other-oracle-public-documents.html

Affected packages

Git / github.com/oracle/opengrok

Affected ranges

Type

GIT

Repo

https://github.com/oracle/opengrok

Events

Introduced

Last affected

e4c9c2b53cb0c7fc3c9e5b30c3892012e5937c3b

Database specific

{
    "versions": [
        {
            "introduced": "0"
        },
        {
            "last_affected": "1.6.7"
        }
    ]
}

Affected versions

0.*

0.12

0.12-rc1

0.12-rc2

0.12-rc3

0.12-rc4

0.12-rc5

0.12-rc6

0.12-rc7

0.12.1

0.13-rc1

0.13-rc10

0.13-rc7

0.13-rc8

0.13-rc9

0.13.rc3

0.13.rc4

0.13.rc6

1.*

1.0

1.1

1.1-rc1

1.1-rc10

1.1-rc11

1.1-rc12

1.1-rc13

1.1-rc14

1.1-rc15

1.1-rc16

1.1-rc17

1.1-rc18

1.1-rc19

1.1-rc2

1.1-rc20

1.1-rc21

1.1-rc22

1.1-rc23

1.1-rc24

1.1-rc25

1.1-rc26

1.1-rc27

1.1-rc28

1.1-rc29

1.1-rc3

1.1-rc30

1.1-rc31

1.1-rc32

1.1-rc33

1.1-rc34

1.1-rc35

1.1-rc36

1.1-rc37

1.1-rc38

1.1-rc39

1.1-rc4

1.1-rc40

1.1-rc41

1.1-rc42

1.1-rc43

1.1-rc44

1.1-rc45

1.1-rc46

1.1-rc47

1.1-rc48

1.1-rc49

1.1-rc5

1.1-rc50

1.1-rc51

1.1-rc52

1.1-rc53

1.1-rc54

1.1-rc55

1.1-rc56

1.1-rc57

1.1-rc58

1.1-rc59

1.1-rc6

1.1-rc60

1.1-rc61

1.1-rc62

1.1-rc63

1.1-rc64

1.1-rc65

1.1-rc66

1.1-rc67

1.1-rc68

1.1-rc69

1.1-rc7

1.1-rc70

1.1-rc71

1.1-rc72

1.1-rc73

1.1-rc74

1.1-rc75

1.1-rc76

1.1-rc77

1.1-rc78

1.1-rc79

1.1-rc8

1.1-rc80

1.1-rc81

1.1-rc82

1.1-rc9

1.1.0

1.1.1

1.1.2

1.2.0

1.2.1

1.2.10

1.2.11

1.2.12

1.2.13

1.2.14

1.2.15

1.2.16

1.2.17

1.2.18

1.2.19

1.2.2

1.2.20

1.2.21

1.2.22

1.2.23

1.2.24

1.2.25

1.2.3

1.2.4

1.2.5

1.2.6

1.2.7

1.2.8

1.2.9

1.3.0

1.3.1

1.3.10

1.3.11

1.3.12

1.3.13

1.3.14

1.3.15

1.3.16

1.3.2

1.3.3

1.3.4

1.3.5

1.3.6

1.3.7

1.3.8

1.3.9

1.4.0

1.4.1

1.4.2

1.4.3

1.4.4

1.4.5

1.4.6

1.4.7

1.4.8

1.4.9

1.5.0

1.5.1

1.5.10

1.5.11

1.5.12

1.5.2

1.5.3

1.5.4

1.5.5

1.5.6

1.5.7

1.5.8

1.5.9

1.6.0

1.6.1

1.6.2

1.6.3

1.6.4

1.6.5

1.6.6

1.6.7

Other

untagged-2d067cc3eab919a1b8d1

Database specific

source

"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2021-2322.json"