{"api_version":"1","generated_at":"2026-04-23T09:06:02+00:00","cve":"CVE-2021-37500","urls":{"html":"https://cve.report/CVE-2021-37500","api":"https://cve.report/api/cve/CVE-2021-37500.json","docs":"https://cve.report/api","cve_org":"https://www.cve.org/CVERecord?id=CVE-2021-37500","nvd":"https://nvd.nist.gov/vuln/detail/CVE-2021-37500"},"summary":{"title":"CVE-2021-37500","description":"Directory traversal vulnerability in Reprise License Manager (RLM) web interface before 14.2BL4 in the diagnostics function that allows RLM users with sufficient privileges to overwrite any file the on the server.","state":"PUBLIC","assigner":"cve@mitre.org","published_at":"2023-01-20 12:15:00","updated_at":"2023-01-27 14:03:00"},"problem_types":["CWE-22"],"metrics":[],"references":[{"url":"http://reprisesoftware.com","name":"http://reprisesoftware.com","refsource":"MISC","tags":[],"title":"Software License Management, Activation and Cloud Licensing. | Reprise Software","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://github.com/blakduk/Advisories/blob/main/Reprise%20License%20Manager/README.md","name":"https://github.com/blakduk/Advisories/blob/main/Reprise%20License%20Manager/README.md","refsource":"MISC","tags":[],"title":"Advisories/README.md at main · blakduk/Advisories · GitHub","mime":"text/html","httpstatus":"200","archivestatus":"404"},{"url":"http://reprise.com","name":"http://reprise.com","refsource":"MISC","tags":[],"title":"Reprise — Create Winning Demos","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://www.cve.org/CVERecord?id=CVE-2021-37500","name":"CVE Program record","refsource":"CVE.ORG","tags":["canonical"]},{"url":"https://nvd.nist.gov/vuln/detail/CVE-2021-37500","name":"NVD vulnerability detail","refsource":"NVD","tags":["canonical","analysis"]}],"affected":[],"timeline":[],"solutions":[],"workarounds":[],"exploits":[],"credits":[],"nvd_cpes":[{"cve_year":"2021","cve_id":"37500","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"reprisesoftware","cpe5":"reprise_license_manager","cpe6":"*","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"}],"vendor_comments":[],"enrichments":{"kev":null,"epss":null,"legacy_qids":[]},"source_records":{"cve_program":{"CVE_data_meta":{"ASSIGNER":"cve@mitre.org","ID":"CVE-2021-37500","STATE":"PUBLIC"},"affects":{"vendor":{"vendor_data":[{"product":{"product_data":[{"product_name":"n/a","version":{"version_data":[{"version_value":"n/a"}]}}]},"vendor_name":"n/a"}]}},"data_format":"MITRE","data_type":"CVE","data_version":"4.0","description":{"description_data":[{"lang":"eng","value":"Directory traversal vulnerability in Reprise License Manager (RLM) web interface before 14.2BL4 in the diagnostics function that allows RLM users with sufficient privileges to overwrite any file the on the server."}]},"problemtype":{"problemtype_data":[{"description":[{"lang":"eng","value":"n/a"}]}]},"references":{"reference_data":[{"url":"http://reprise.com","refsource":"MISC","name":"http://reprise.com"},{"url":"http://reprisesoftware.com","refsource":"MISC","name":"http://reprisesoftware.com"},{"refsource":"MISC","name":"https://github.com/blakduk/Advisories/blob/main/Reprise%20License%20Manager/README.md","url":"https://github.com/blakduk/Advisories/blob/main/Reprise%20License%20Manager/README.md"}]}},"nvd":{"publishedDate":"2023-01-20 12:15:00","lastModifiedDate":"2023-01-27 14:03:00","problem_types":["CWE-22"],"metrics":{"baseMetricV3":{"cvssV3":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"HIGH","availabilityImpact":"HIGH","baseScore":8.1,"baseSeverity":"HIGH"},"exploitabilityScore":2.8,"impactScore":5.2}},"configurations":{"CVE_data_version":"4.0","nodes":[{"operator":"OR","children":[],"cpe_match":[{"vulnerable":true,"cpe23Uri":"cpe:2.3:a:reprisesoftware:reprise_license_manager:*:*:*:*:*:*:*:*","versionEndExcluding":"14.2bl4","cpe_name":[]}]}]}},"legacy_mitre":{"record":{"CveYear":"2021","CveId":"37500","Ordinal":"213088","Title":"CVE-2021-37500","CVE":"CVE-2021-37500","Year":"2021"},"notes":[{"CveYear":"2021","CveId":"37500","Ordinal":"1","NoteData":"** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.","Type":"Description","Title":null}]}}}