CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2021-42857

It was discovered that the SteelCentral AppInternals Dynamic Sampling Agent's (DSA) AgentDaServlet has directory traversal vulnerabilities at the "/api/appInternals/1.0/agent/da/pcf" API. The affected endpoint does not have any validation of the user's input that allows a malicious payload to be injected.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.006

EPSS Ranking 67.1%

CVSS Severity

CVSS v3 Score 5.3

CVSS v2 Score 5.0

References

Products affected by CVE-2021-42857

Riverbed » Steelcentral Appinternals Dynamic Sampling Agent » Version: 10.0.0

cpe:2.3:a:riverbed:steelcentral_appinternals_dynamic_sampling_agent:10.0.0
Riverbed » Steelcentral Appinternals Dynamic Sampling Agent » Version: 11.0.0

cpe:2.3:a:riverbed:steelcentral_appinternals_dynamic_sampling_agent:11.0.0
Riverbed » Steelcentral Appinternals Dynamic Sampling Agent » Version: 12.0.0

cpe:2.3:a:riverbed:steelcentral_appinternals_dynamic_sampling_agent:12.0.0

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2021-42857

Products

Pricing

Contact Us