CVE-2021-45379

See a problem?
Please try reporting it to the source first.
Source
https://nvd.nist.gov/vuln/detail/CVE-2021-45379
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2021-45379.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2021-45379
Downstream
Published
2021-12-30T18:15:07.463Z
Modified
2025-11-20T11:56:48.142628Z
Severity
  • 8.8 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H CVSS Calculator
Summary
[none]
Details

Glewlwyd 2.0.0, fixed in 2.6.1 is affected by an incorrect access control vulnerability. One user can attempt to log in as another user without its password.

References

Affected packages

Git / github.com/babelouest/glewlwyd

Affected ranges

Type
GIT
Repo
https://github.com/babelouest/glewlwyd
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Fixed
125281f1c0d4b6a8b49f7e55a757205a2ef01fbe
Fixed
a7ddc5b3c2981cf15fc477fbd12397afcc559e4b

Affected versions

1.*

1.0
1.0.1
1.1
1.1.1
1.1.2
1.2
1.2.1
1.2.2

v1.*

v1.2.3
v1.2.4
v1.3
v1.3.1
v1.3.2
v1.3.2-b
v1.3.2-b.2
v1.3.2-b.3
v1.3.2-b.4
v1.3.2-b.5
v1.3.2-b.6
v1.3.3
v1.4.0
v1.4.1
v1.4.2
v1.4.3
v1.4.4
v1.4.6
v1.4.7
v1.4.8
v1.4.9

v2.*

v2.0.0
v2.0.0-b1
v2.0.0-b2
v2.0.0-b3
v2.0.0-rc1
v2.0.0-rc2
v2.1.0
v2.1.1
v2.2.0
v2.3.0
v2.3.1
v2.3.2
v2.4.0
v2.5.0
v2.5.1
v2.5.2
v2.5.3
v2.6.0

Database specific

vanir_signatures

[
    {
        "deprecated": false,
        "target": {
            "file": "src/webservice.c",
            "function": "callback_glewlwyd_user_auth"
        },
        "digest": {
            "function_hash": "287385179160249100524275443818706698966",
            "length": 7507.0
        },
        "id": "CVE-2021-45379-262cbb68",
        "signature_type": "Function",
        "source": "https://github.com/babelouest/glewlwyd/commit/125281f1c0d4b6a8b49f7e55a757205a2ef01fbe",
        "signature_version": "v1"
    },
    {
        "deprecated": false,
        "target": {
            "file": "src/webservice.c"
        },
        "digest": {
            "threshold": 0.9,
            "line_hashes": [
                "160032509845577399718325785668694135536",
                "159314386650147664546478821949250439871",
                "97272558064739958032241681553684032162",
                "318688609422231976619580614058765167857",
                "21727593704607572632123644709356901167",
                "311966006849433527990035948850796334565",
                "87472205284720780937743638570090968232"
            ]
        },
        "id": "CVE-2021-45379-c09008b9",
        "signature_type": "Line",
        "source": "https://github.com/babelouest/glewlwyd/commit/125281f1c0d4b6a8b49f7e55a757205a2ef01fbe",
        "signature_version": "v1"
    }
]