CVE-2021-20114 Scanner

TCExam is an open-source computer-based assessment software used across various organizations and educational institutions. Its purpose is to provide a comprehensive platform for creating, administering, and grading exams with a wide range of question types such as multiple-choice, true/false, short answer, and essay. The software also allows for the creation of certificates, surveys, and statistical reports to aid in performance analysis and improvement.

One of the major vulnerabilities detected in TCExam is CVE-2021-20114. This vulnerability arises due to the default/recommended settings that allow unauthenticated users to access the /cache/backup/ directory, which contains sensitive database backup files. Because the files are accessible without any authentication, hackers can easily gain access to the system’s sensitive data and modify or delete it for malicious purposes.

When this vulnerability is exploited, it can lead to a serious breach of data privacy and confidentiality, which can cause significant harm to the affected organization or institution. The unauthorized access to the sensitive data can also result in financial losses, loss of competitive advantage, and reputational damage.

In summary, the CVE-2021-20114 vulnerability poses a significant risk to the TCExam software and the organizations and institutions using it. It is crucial to take the necessary precautions to protect against this vulnerability and ensure the safety and security of the system’s sensitive data. By utilizing the pro features of securityforeveryone.com, individuals and organizations can easily and quickly identify vulnerabilities in their digital assets, making it easier to implement necessary measures.

REFERENCES

• https://www.tenable.com/security/research/tra-2021-32