Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2021-33334

The Dynamic Data Mapping module in Liferay Portal 7.0.0 through 7.3.2, and Liferay DXP 7.0 before fix pack 94, 7.1 before fix pack 19, and 7.2 before fix pack 6, does not properly check user permissions, which allows remote attackers with the forms "Access in Site Administration" permission to view all forms and form entries in a site via the forms section in site administration.

Published

2021-08-03T21:15:08.610

Last Modified

2025-05-13T18:17:51.450

Status

Modified

Source

[email protected]

Severity

CVSSv3.1: 4.3 (MEDIUM)

CVSSv2 Vector

AV:N/AC:L/Au:S/C:P/I:N/A:N

  • Access Vector: NETWORK
  • Access Complexity: LOW
  • Authentication: SINGLE
  • Confidentiality Impact: PARTIAL
  • Integrity Impact: NONE
  • Availability Impact: NONE
Exploitability Score

8.0

Impact Score

2.9

Weaknesses
  • Type: Primary
    CWE-276
Affected Vendors & Products
Type Vendor Product Version/Range Vulnerable?
Application liferay digital_experience_platform 7.0 Yes
Application liferay digital_experience_platform 7.0 Yes
Application liferay digital_experience_platform 7.0 Yes
Application liferay digital_experience_platform 7.0 Yes
Application liferay digital_experience_platform 7.0 Yes
Application liferay digital_experience_platform 7.0 Yes
Application liferay digital_experience_platform 7.0 Yes
Application liferay digital_experience_platform 7.0 Yes
Application liferay digital_experience_platform 7.0 Yes
Application liferay digital_experience_platform 7.0 Yes
Application liferay digital_experience_platform 7.0 Yes
Application liferay digital_experience_platform 7.0 Yes
Application liferay digital_experience_platform 7.0 Yes
Application liferay digital_experience_platform 7.0 Yes
Application liferay digital_experience_platform 7.0 Yes
Application liferay digital_experience_platform 7.0 Yes
Application liferay digital_experience_platform 7.0 Yes
Application liferay digital_experience_platform 7.0 Yes
Application liferay digital_experience_platform 7.0 Yes
Application liferay digital_experience_platform 7.0 Yes
Application liferay digital_experience_platform 7.0 Yes
Application liferay digital_experience_platform 7.0 Yes
Application liferay digital_experience_platform 7.0 Yes
Application liferay digital_experience_platform 7.0 Yes
Application liferay digital_experience_platform 7.0 Yes
Application liferay digital_experience_platform 7.0 Yes
Application liferay digital_experience_platform 7.0 Yes
Application liferay digital_experience_platform 7.0 Yes
Application liferay digital_experience_platform 7.0 Yes
Application liferay digital_experience_platform 7.0 Yes
Application liferay digital_experience_platform 7.0 Yes
Application liferay digital_experience_platform 7.0 Yes
Application liferay digital_experience_platform 7.0 Yes
Application liferay digital_experience_platform 7.0 Yes
Application liferay digital_experience_platform 7.0 Yes
Application liferay digital_experience_platform 7.0 Yes
Application liferay digital_experience_platform 7.0 Yes
Application liferay digital_experience_platform 7.0 Yes
Application liferay digital_experience_platform 7.0 Yes
Application liferay digital_experience_platform 7.0 Yes
Application liferay digital_experience_platform 7.0 Yes
Application liferay digital_experience_platform 7.0 Yes
Application liferay digital_experience_platform 7.0 Yes
Application liferay digital_experience_platform 7.0 Yes
Application liferay digital_experience_platform 7.0 Yes
Application liferay digital_experience_platform 7.0 Yes
Application liferay digital_experience_platform 7.0 Yes
Application liferay digital_experience_platform 7.0 Yes
Application liferay digital_experience_platform 7.0 Yes
Application liferay digital_experience_platform 7.0 Yes
Application liferay digital_experience_platform 7.0 Yes
Application liferay digital_experience_platform 7.0 Yes
Application liferay digital_experience_platform 7.0 Yes
Application liferay digital_experience_platform 7.0 Yes
Application liferay digital_experience_platform 7.0 Yes
Application liferay digital_experience_platform 7.0 Yes
Application liferay digital_experience_platform 7.0 Yes
Application liferay digital_experience_platform 7.0 Yes
Application liferay digital_experience_platform 7.0 Yes
Application liferay digital_experience_platform 7.0 Yes
Application liferay digital_experience_platform 7.0 Yes
Application liferay digital_experience_platform 7.0 Yes
Application liferay digital_experience_platform 7.0 Yes
Application liferay digital_experience_platform 7.1 Yes
Application liferay digital_experience_platform 7.1 Yes
Application liferay digital_experience_platform 7.1 Yes
Application liferay digital_experience_platform 7.1 Yes
Application liferay digital_experience_platform 7.1 Yes
Application liferay digital_experience_platform 7.1 Yes
Application liferay digital_experience_platform 7.1 Yes
Application liferay digital_experience_platform 7.1 Yes
Application liferay digital_experience_platform 7.1 Yes
Application liferay digital_experience_platform 7.1 Yes
Application liferay digital_experience_platform 7.1 Yes
Application liferay digital_experience_platform 7.1 Yes
Application liferay digital_experience_platform 7.1 Yes
Application liferay digital_experience_platform 7.1 Yes
Application liferay digital_experience_platform 7.1 Yes
Application liferay digital_experience_platform 7.1 Yes
Application liferay digital_experience_platform 7.1 Yes
Application liferay digital_experience_platform 7.1 Yes
Application liferay digital_experience_platform 7.1 Yes
Application liferay digital_experience_platform 7.2 Yes
Application liferay digital_experience_platform 7.2 Yes
Application liferay digital_experience_platform 7.2 Yes
Application liferay digital_experience_platform 7.2 Yes
Application liferay digital_experience_platform 7.2 Yes
Application liferay digital_experience_platform 7.2 Yes
Application liferay liferay_portal < 7.3.3 Yes
References