GCVE - cpe:2.3:a:n/a:dream_report:*:*:*:*:*:*:*:*

Approved changes feed: RSS · Atom

cpe:2.3:a:n/a:dream_report:*:*:*:*:*:*:*:*

part: a version: * update: *

Vendor	N/A (`22f567d3-1203-528c-8f0e-3eb9c2f6ca78`)
Product	Dream Report (`bb72604c-9024-5d65-91a6-ef65890d161e`)
Edition	*
Language	*
Software edition	*
Target software	*
Target hardware	*
Other	*
Notes	Imported from gcve-enriched-dumps CVE data

PURL mappings

PURL	Source	Last updated
No PURL mappings for this CPE yet.

Vulnerability references

Identifier	cpeApplicability	Submitted	db.gcve.eu details	Rationale
`CVE:CVE-2021-21957`	vulnerable	2026-06-08 05:29:59.151389	Details available HIGH (8.8) A privilege escalation vulnerability exists in the Remote Server functionality of Dream Report ODS Remote Connector 20.2.16900.0. A specially-crafted command injection can lead to elevated capabilities. An attacker can provide a malicious file to trigger this vulnerability. Published: 2021-12-08T21:29:57.000Z Updated: 2024-08-03T18:30:23.591Z Open on db.gcve.eu Reference links https://talosintelligence.com/vulnerability_reports/TALOS-2021-1384	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2020-13534`	vulnerable	2026-06-08 05:18:00.751921	Details available CRITICAL (9.3) A privilege escalation vulnerability exists in Dream Report 5 R20-2. COM Class Identifiers (CLSID), installed by Dream Report 5 20-2, reference LocalServer32 and InprocServer32 with weak privileges which can lead to privilege escalation when used. An attacker can provide a malicious file to trigger this vulnerability. Published: 2021-04-09T17:50:07.000Z Updated: 2024-08-04T12:18:18.453Z Open on db.gcve.eu Reference links https://talosintelligence.com/vulnerability_reports/TALOS-2020-1146	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2020-13533`	vulnerable	2026-06-08 05:18:00.751413	Details available CRITICAL (9.3) A privilege escalation vulnerability exists in Dream Report 5 R20-2. IIn the default configuration, the following registry keys, which reference binaries with weak permissions, can be abused by attackers to effectively ‘backdoor’ the installation files and escalate privileges when a new user logs in and uses the application. Published: 2021-04-09T17:50:10.000Z Updated: 2024-08-04T12:18:18.431Z Open on db.gcve.eu Reference links https://talosintelligence.com/vulnerability_reports/TALOS-2020-1146	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2020-13532`	vulnerable	2026-06-08 05:18:00.750317	Details available CRITICAL (9.3) A privilege escalation vulnerability exists in Dream Report 5 R20-2. In the default configuration, the Syncfusion Dashboard Service service binary can be replaced by attackers to escalate privileges to NT SYSTEM. An attacker can provide a malicious file to trigger this vulnerability. Published: 2021-04-09T17:50:13.000Z Updated: 2024-08-04T12:18:18.282Z Open on db.gcve.eu Reference links https://talosintelligence.com/vulnerability_reports/TALOS-2020-1146	Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.