CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2021-42787

It was discovered that the SteelCentral AppInternals Dynamic Sampling Agent's (DSA) AgentConfigurationServlet has directory traversal vulnerabilities at the "/api/appInternals/1.0/agent/configuration" API. The affected endpoint does not have any input validation of the user's input that allows a malicious payload to be injected.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.004

EPSS Ranking 57.9%

CVSS Severity

CVSS v3 Score 9.4

CVSS v2 Score 7.5

References

Products affected by CVE-2021-42787

Riverbed » Steelcentral Appinternals Dynamic Sampling Agent » Version: 10.0.0

cpe:2.3:a:riverbed:steelcentral_appinternals_dynamic_sampling_agent:10.0.0
Riverbed » Steelcentral Appinternals Dynamic Sampling Agent » Version: 11.0.0

cpe:2.3:a:riverbed:steelcentral_appinternals_dynamic_sampling_agent:11.0.0
Riverbed » Steelcentral Appinternals Dynamic Sampling Agent » Version: 12.0.0

cpe:2.3:a:riverbed:steelcentral_appinternals_dynamic_sampling_agent:12.0.0

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2021-42787

Products

Pricing

Contact Us