Remote Access to Project Sources in Vaadin Designer Versions 4.3.0 through 4.6.3

Remote Access to Project Sources in Vaadin Designer Versions 4.3.0 through 4.6.3

CVE-2021-31410 · HIGH Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Overly relaxed configuration of frontend resources server in Vaadin Designer versions 4.3.0 through 4.6.3 allows remote attackers to access project sources via crafted HTTP request.

Learn more about our Cis Benchmark Audit For Server Software.