CVE-2021-47712
Unknown Unknown - Not Provided

BaseFortify

Vulnerability report for CVE-2021-47712, including description, CVSS score, EPSS score, affected products, exploitability, helpful resources, and attack-flow context.

Publication date: 2025-12-18

Last updated on: 2025-12-24

Assigner: VulnCheck

Description

A cryptography vulnerability in Kentico Xperience allows attackers to potentially manipulate URL hash values through existing hashing mechanisms. The hotfix introduces an additional security layer to prevent hash value reuse and potential exploitation.

CVSS Scores

EPSS Scores

Probability:
Percentile:

Meta Information

Published
2025-12-18
Last Modified
2025-12-24
Generated
2026-07-06
AI Q&A
2025-12-18
EPSS Evaluated
2026-07-05
NVD
EUVD

Affected Vendors & Products

Showing 1 associated CPE
Vendor Product Version / Range
kentico xperience to 12.0.102 (inc)

Helpful Resources

Exploitability

CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-327 The product uses a broken or risky cryptographic algorithm or protocol.

Attack-Flow Graph

AI Quick Actions

Instant insights powered by AI
Executive Summary

This vulnerability is a cryptographic issue in Kentico Xperience's URL hashing mechanism, where a broken or risky cryptographic algorithm allows attackers to manipulate URL hash values. This manipulation can lead to hash value reuse and potential exploitation, compromising the security of the system. A hotfix has been released to add an additional security layer to prevent these issues. [1]

Impact Analysis

The vulnerability can allow attackers to manipulate URL hash values, potentially leading to security risks such as reuse of hash values and exploitation of the hashing mechanism. This could impact the confidentiality, integrity, and availability of the system at low levels. [1]

Mitigation Strategies

To mitigate this vulnerability, you should apply the hotfix released by Kentico that introduces an additional security layer to prevent hash value reuse and exploitation of the URL hashing mechanism. [1]

Chat Assistant

Ask questions about this CVE
Hi! I’m here to help you understand CVE-2021-47712. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70

EPSS Chart