CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2021-42853

It was discovered that the SteelCentral AppInternals Dynamic Sampling Agent's (DSA) AgentDiagnosticServlet has directory traversal vulnerability at the "/api/appInternals/1.0/agent/diagnostic/logs" API. The affected endpoint does not have any input validation of the user's input that allows a malicious payload to be injected.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.008

EPSS Ranking 72.5%

CVSS Severity

CVSS v3 Score 9.1

CVSS v2 Score 7.5

References

Products affected by CVE-2021-42853

Riverbed » Steelcentral Appinternals Dynamic Sampling Agent » Version: 10.0.0

cpe:2.3:a:riverbed:steelcentral_appinternals_dynamic_sampling_agent:10.0.0
Riverbed » Steelcentral Appinternals Dynamic Sampling Agent » Version: 11.0.0

cpe:2.3:a:riverbed:steelcentral_appinternals_dynamic_sampling_agent:11.0.0
Riverbed » Steelcentral Appinternals Dynamic Sampling Agent » Version: 12.0.0

cpe:2.3:a:riverbed:steelcentral_appinternals_dynamic_sampling_agent:12.0.0

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2021-42853

Products

Pricing

Contact Us