CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2021-42786

It was discovered that the SteelCentral AppInternals Dynamic Sampling Agent (DSA) has Remote Code Execution vulnerabilities in multiple instances of the API requests. The affected endpoints do not have any input validation of the user's input that allowed a malicious payload to be injected.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.015

EPSS Ranking 79.9%

CVSS Severity

CVSS v3 Score 9.8

CVSS v2 Score 7.5

References

https://aternity.force.com/customersuccess/s/article/Remote-Code-Execution-at-AgentControllerServlet-CVE-2021-42786
https://aternity.force.com/customersuccess/s/article/Remote-Code-Execution-at-AgentControllerServlet-CVE-2021-42786

Products affected by CVE-2021-42786

Riverbed » Steelcentral Appinternals Dynamic Sampling Agent » Version: 10.0.0

cpe:2.3:a:riverbed:steelcentral_appinternals_dynamic_sampling_agent:10.0.0
Riverbed » Steelcentral Appinternals Dynamic Sampling Agent » Version: 11.0.0

cpe:2.3:a:riverbed:steelcentral_appinternals_dynamic_sampling_agent:11.0.0
Riverbed » Steelcentral Appinternals Dynamic Sampling Agent » Version: 12.0.0

cpe:2.3:a:riverbed:steelcentral_appinternals_dynamic_sampling_agent:12.0.0

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2021-42786

Products

Pricing

Contact Us