CVE-2021-41590
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
0Exploited in Wild
-Decision
Descriptions
In Gradle Enterprise through 2021.3, probing of the server-side network environment can occur via an SMTP configuration test. The installation configuration user interface available to administrators allows testing the configured SMTP server settings. This test function can be used to identify the listening TCP ports available to the server, revealing information about the internal network environment.
En Gradle Enterprise versiones hasta 2021.3, el sondeo del entorno de red del lado del servidor puede ocurrir por medio de una prueba de configuración SMTP. La interfaz de usuario de configuración de la instalación disponible para los administradores permite probar la configuración del servidor SMTP. Esta función de prueba puede ser usada para identificar los puertos TCP de escucha disponibles para el servidor, revelando información sobre el entorno de red interno
CVSS Scores
SSVC
- Decision:-
Timeline
- 2021-09-24 CVE Reserved
- 2021-10-27 CVE Published
- 2024-07-12 EPSS Updated
- 2024-08-04 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
CAPEC
References (2)
| URL | Tag | Source |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|---|---|
| https://security.gradle.com | 2022-07-12 | |
| https://security.gradle.com/advisory/2021-07 | 2022-07-12 |
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Gradle Search vendor "Gradle" | Enterprise Search vendor "Gradle" for product "Enterprise" | >= 2020.4 < 2021.3 Search vendor "Gradle" for product "Enterprise" and version " >= 2020.4 < 2021.3" | - |
Affected
| ||||||