CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2021-45389

A flaw was found with the JWT token. A self-signed JWT token could be injected into the update manager and bypass the authentication process, thus could escalate privileges. This affects StarWind SAN and NAS build 1578 and StarWind Command Center build 6864.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.006

EPSS Ranking 68.4%

CVSS Severity

CVSS v3 Score 9.8

CVSS v2 Score 7.5

References

https://www.starwindsoftware.com/security/sw-20211215-0001/
https://www.starwindsoftware.com/security/sw-20211512-0001/
https://www.starwindsoftware.com/security/sw-20211215-0001/
https://www.starwindsoftware.com/security/sw-20211512-0001/

Products affected by CVE-2021-45389

Starwind » Command Center » Version: 6864

cpe:2.3:a:starwind:command_center:6864
Starwind » San&nas » Version: 1578

cpe:2.3:a:starwind:san&nas:1578

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2021-45389

Products

Pricing

Contact Us