Vulnerability Details CVE-2021-3554
Improper Access Control vulnerability in the patchesUpdate API as implemented in Bitdefender Endpoint Security Tools for Linux as a relay role allows an attacker to manipulate the remote address used for pulling patches. This issue affects: Bitdefender Endpoint Security Tools for Linux versions prior to 6.6.27.390; versions prior to 7.1.2.33. Bitdefender Unified Endpoint versions prior to 6.2.21.160. Bitdefender GravityZone versions prior to 6.24.1-1.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.003
EPSS Ranking 53.0%
CVSS Severity
CVSS v3 Score 9.0
CVSS v2 Score 7.5
References
Products affected by CVE-2021-3554
-
cpe:2.3:a:bitdefender:endpoint_security_tools:*
-
cpe:2.3:a:bitdefender:endpoint_security_tools:-
-
cpe:2.3:a:bitdefender:endpoint_security_tools:6.2.21.155
-
cpe:2.3:a:bitdefender:endpoint_security_tools:6.2.21.171
-
cpe:2.3:a:bitdefender:endpoint_security_tools:6.2.21.18
-
cpe:2.3:a:bitdefender:endpoint_security_tools:6.6.11.163
-
cpe:2.3:a:bitdefender:endpoint_security_tools:6.6.12.170
-
cpe:2.3:a:bitdefender:endpoint_security_tools:6.6.18.261
-
cpe:2.3:a:bitdefender:endpoint_security_tools:6.6.23.320
-
cpe:2.3:a:bitdefender:endpoint_security_tools:6.6.8.115
-
cpe:2.3:a:bitdefender:gravityzone:-
-
cpe:2.3:a:bitdefender:gravityzone:3.3.8.249
-
cpe:2.3:a:bitdefender:gravityzone:5.1.11.432
-
cpe:2.3:a:bitdefender:gravityzone:5.1.21.465
-
cpe:2.3:a:bitdefender:gravityzone:5.1.23-470
-
cpe:2.3:a:bitdefender:gravityzone:5.1.23-471
-
cpe:2.3:a:bitdefender:gravityzone:5.1.23-472
-
cpe:2.3:a:bitdefender:gravityzone:5.1.23-473
-
cpe:2.3:a:bitdefender:gravityzone:5.1.23-474
-
cpe:2.3:a:bitdefender:gravityzone:5.1.23-476
-
cpe:2.3:a:bitdefender:gravityzone:5.1.23-477
-
cpe:2.3:a:bitdefender:gravityzone:5.1.25-483
-
cpe:2.3:a:bitdefender:gravityzone:5.1.25-487
-
cpe:2.3:a:bitdefender:gravityzone:5.1.25-525
-
cpe:2.3:a:bitdefender:gravityzone:5.1.25-526
-
cpe:2.3:a:bitdefender:gravityzone:5.1.5.386
-
cpe:2.3:a:bitdefender:gravityzone:6.1.27-537
-
cpe:2.3:a:bitdefender:gravityzone:6.1.29-540
-
cpe:2.3:a:bitdefender:gravityzone:6.1.29-545
-
cpe:2.3:a:bitdefender:gravityzone:6.1.29-546
-
cpe:2.3:a:bitdefender:gravityzone:6.1.29-547
-
cpe:2.3:a:bitdefender:gravityzone:6.1.41-549
-
cpe:2.3:a:bitdefender:gravityzone:6.2.1-30
-
cpe:2.3:a:bitdefender:gravityzone:6.2.1-34
-
cpe:2.3:a:bitdefender:gravityzone:6.2.1-35
-
cpe:2.3:a:bitdefender:gravityzone:6.24.1-1
-
cpe:2.3:a:bitdefender:gravityzone:6.3.1-4
-
cpe:2.3:a:bitdefender:gravityzone:6.3.3-2
-
cpe:2.3:a:bitdefender:gravityzone:6.3.3-3
-
cpe:2.3:a:bitdefender:gravityzone:6.3.3-4
-
cpe:2.3:a:bitdefender:gravityzone:6.3.3-8
-
cpe:2.3:a:bitdefender:gravityzone:6.3.3-9
-
cpe:2.3:a:bitdefender:gravityzone:6.3.5-2
-
cpe:2.3:a:bitdefender:gravityzone:6.3.5-3
-
cpe:2.3:a:bitdefender:gravityzone:6.3.5-4
-
cpe:2.3:a:bitdefender:gravityzone:6.3.7-1
-
cpe:2.3:a:bitdefender:gravityzone:6.3.7-7
-
cpe:2.3:a:bitdefender:gravityzone:6.3.9-3
-
cpe:2.3:a:bitdefender:gravityzone:6.5.3-70