CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2017-9421

Authentication Bypass vulnerability in Accellion kiteworks before 2017.01.00 allows remote attackers to execute certain API calls on behalf of a web user using a gathered token via a POST request to /oauth/token.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.003

EPSS Ranking 48.9%

CVSS Severity

CVSS v3 Score 6.5

CVSS v2 Score 6.4

References

https://github.com/jer1nj0y/Vulns/blob/master/Kiteworks%20Vulnerability
https://github.com/jer1nj0y/Vulns/blob/master/Kiteworks%20Vulnerability

Products affected by CVE-2017-9421

Accellion » Kiteworks » Version: 7.3.0

cpe:2.3:a:accellion:kiteworks:7.3.0
Accellion » Kiteworks » Version: 7.3.1

cpe:2.3:a:accellion:kiteworks:7.3.1
Accellion » Kiteworks » Version: 7.3.2

cpe:2.3:a:accellion:kiteworks:7.3.2
Accellion » Kiteworks » Version: 7.4.0

cpe:2.3:a:accellion:kiteworks:7.4.0

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2017-9421

Products

Pricing

Contact Us