~/Cedric

CVE-2021-34527 CVE objects from NIST

CVE-2021-34527

The system allows asynchronous operation of certain parts or commands of the operating system to be exploited (e.g. automatic opening of attachments) Vulnerabilities

The access system allows software storage Vulnerabilities

A02:2021 – Cryptographic Failures Vulnerabilities

The first thing is to determine the protection needs of data in transit and at rest. For example, passwords, credit card numbers, health records, personal information, and business secrets require extra protection, mainly if that data falls under privacy laws, e.g., EU's General Data Protection Regulation (GDPR), or regulations, e.g., financial data protection such as PCI Data Security Standard (PCI DSS).

A01:2021 - Broken Access Control Vulnerabilities

Access control enforces policy such that users cannot act outside of their intended permissions. Failures typically lead to unauthorized information disclosure, modification, or destruction of all data or performing a business function outside the user's limits.

The system is connected to external networks Vulnerabilities

Tempting or popular operating system Vulnerabilities

No diagnostic function to prevent equipment failures Vulnerabilities

The messaging system can be accessed from Internet Vulnerabilities

No measure to avoid negligence when information is sent Vulnerabilities