{"id":"CVE-2021-25991","details":"In Ifme, versions v5.0.0 to v7.32 are vulnerable against an improper access control, which makes it possible for admins to ban themselves leading to their deactivation from Ifme account and complete loss of admin access to Ifme.","modified":"2026-03-14T10:49:13.167551Z","published":"2021-12-29T09:15:09.467Z","references":[{"type":"FIX","url":"https://github.com/ifmeorg/ifme/commit/d1f570c458d41667df801fc9c40a18b181a2d923"},{"type":"EVIDENCE","url":"https://www.whitesourcesoftware.com/vulnerability-database/CVE-2021-25991"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/ifmeorg/ifme","events":[{"introduced":"721df3c44904b491d8b6a3fd017371fe5d3be3fd"},{"last_affected":"df4986f0721a72779403d21d36c025fe95edffad"},{"fixed":"d1f570c458d41667df801fc9c40a18b181a2d923"}],"database_specific":{"versions":[{"introduced":"5.0.0"},{"last_affected":"7.32"}]}}],"versions":["v.7.31.2","v5.0.0","v5.0.1","v5.1.0","v5.2.0","v5.2.1","v6.0.0","v6.0.1","v6.0.2","v6.1.0","v6.1.1","v6.1.2","v6.10.0","v6.10.1","v6.11.0","v6.12.0","v6.13.0","v6.14.0","v6.15.0","v6.16.0","v6.17.0","v6.18.0","v6.19.0","v6.2.0","v6.2.1","v6.3.0","v6.4.0","v6.5.0","v6.5.1","v6.5.2","v6.6.0","v6.7.0","v6.7.1","v6.8.0","v6.9.0","v6.9.1","v7.0.0","v7.1.0","v7.10.0","v7.10.1","v7.10.2","v7.10.3","v7.10.4","v7.10.5","v7.10.6","v7.10.7","v7.10.8","v7.10.9","v7.11.0","v7.12.0","v7.12.1","v7.12.2","v7.12.3","v7.12.4","v7.12.5","v7.12.6","v7.12.7","v7.12.8","v7.12.9","v7.13.0","v7.13.1","v7.13.2","v7.13.3","v7.13.4","v7.13.5","v7.13.6","v7.13.7","v7.14.0","v7.14.1","v7.14.2","v7.14.3","v7.15.0","v7.15.1","v7.15.2","v7.15.3","v7.15.4","v7.15.5","v7.16.0","v7.16.1","v7.17.0","v7.18.0","v7.18.1","v7.18.2","v7.19.0","v7.19.1","v7.19.2","v7.19.3","v7.2.0","v7.20.0","v7.20.1","v7.21.0","v7.21.1","v7.22.0","v7.22.1","v7.22.2","v7.22.3","v7.22.4","v7.22.5","v7.23.0","v7.23.1","v7.24.0","v7.24.1","v7.24.2","v7.24.3","v7.24.4","v7.24.5","v7.24.6","v7.24.7","v7.24.8","v7.24.9","v7.25.0","v7.25.1","v7.25.2","v7.25.3","v7.25.4","v7.26.0","v7.26.1","v7.26.2","v7.26.3","v7.27.0","v7.27.1","v7.28.0","v7.29.0","v7.29.1","v7.29.2","v7.29.3","v7.29.4","v7.3.0","v7.30.0","v7.30.1","v7.30.10","v7.30.11","v7.30.12","v7.30.13","v7.30.2","v7.30.3","v7.30.4","v7.30.5","v7.30.6","v7.30.7","v7.30.8","v7.30.9","v7.31.0","v7.31.1","v7.31.2","v7.31.3","v7.31.4","v7.32","v7.4.0","v7.4.1","v7.5.0","v7.6.0","v7.7.0","v7.7.1","v7.8.0","v7.8.1","v7.8.2","v7.8.3","v7.8.4","v7.8.5","v7.8.6","v7.8.7","v7.8.8","v7.9.0","v7.9.1","v7.9.2","v7.9.3","v7.9.4","v7.9.5","v7.9.6","v7.9.7","v7.9.8","v7.9.9"],"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2021-25991.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:H/A:H"}]}