CVE-2021-47712
BaseFortify
Publication date: 2025-12-18
Last updated on: 2025-12-24
Assigner: VulnCheck
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| kentico | xperience | to 12.0.102 (inc) |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-327 | The product uses a broken or risky cryptographic algorithm or protocol. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability is a cryptographic issue in Kentico Xperience's URL hashing mechanism, where a broken or risky cryptographic algorithm allows attackers to manipulate URL hash values. This manipulation can lead to hash value reuse and potential exploitation, compromising the security of the system. A hotfix has been released to add an additional security layer to prevent these issues. [1]
How can this vulnerability impact me? :
The vulnerability can allow attackers to manipulate URL hash values, potentially leading to security risks such as reuse of hash values and exploitation of the hashing mechanism. This could impact the confidentiality, integrity, and availability of the system at low levels. [1]
What immediate steps should I take to mitigate this vulnerability?
To mitigate this vulnerability, you should apply the hotfix released by Kentico that introduces an additional security layer to prevent hash value reuse and exploitation of the URL hashing mechanism. [1]