Vulnerability Details CVE-2021-27101
Accellion FTA 9_12_370 and earlier is affected by SQL injection via a crafted Host header in a request to document_root.html. The fixed version is FTA_9_12_380 and later.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.015
EPSS Ranking 79.9%
CVSS Severity
CVSS v3 Score 9.8
CVSS v2 Score 7.5
Proposed Action
Accellion FTA contains a SQL injection vulnerability exploited via a crafted host header in a request to document_root.html.
Ransomware Campaign
Known
References