CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2021-3553

A Server-Side Request Forgery (SSRF) vulnerability in the EPPUpdateService of Bitdefender Endpoint Security Tools allows an attacker to use the Endpoint Protection relay as a proxy for any remote host. This issue affects: Bitdefender Endpoint Security Tools versions prior to 6.6.27.390; versions prior to 7.1.2.33. Bitdefender Unified Endpoint for Linux versions prior to 6.2.21.160. Bitdefender GravityZone versions prior to 6.24.1-1.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.002

EPSS Ranking 45.0%

CVSS Severity

CVSS v3 Score 5.3

CVSS v2 Score 5.0

References

Products affected by CVE-2021-3553

Bitdefender » Endpoint Security Tools » Version: Any

cpe:2.3:a:bitdefender:endpoint_security_tools:*
Bitdefender » Endpoint Security Tools » Version: 6.2.21.155

cpe:2.3:a:bitdefender:endpoint_security_tools:6.2.21.155
Bitdefender » Endpoint Security Tools » Version: 6.2.21.18

cpe:2.3:a:bitdefender:endpoint_security_tools:6.2.21.18
Bitdefender » Gravityzone » Version: 6.24.1-1

cpe:2.3:a:bitdefender:gravityzone:6.24.1-1

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2021-3553

Products

Pricing

Contact Us