Lucene search

[email protected]CVE-2021-27102

HistoryFeb 16, 2021 - 9:15 p.m.

CVE-2021-27102

2021-02-1621:15:00

CWE-78

[email protected]

web.nvd.nist.gov

954

In Wild

accellion

fta

cve-2021-27102

os command execution

vulnerability

7.8 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

8.6 High

AI Score

Confidence

High

7.2 High

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

0.001 Low

EPSS

Percentile

34.6%

JSON

Accellion FTA 9_12_411 and earlier is affected by OS command execution via a local web service call. The fixed version is FTA_9_12_416 and later.

CPENameOperatorVersion
accellion:ftaaccellion ftale9_12_411

CPE	Name	Operator	Version
accellion:fta	accellion fta	le	9_12_411

References

github.com/accellion/CVEs/blob/main/CVE-2021-27102.txt

www.accellion.com/products/fta/

Social References

7.8 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

8.6 High

AI Score

Confidence

High

7.2 High

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

0.001 Low

EPSS

Percentile

34.6%

JSON

Related for CVE-2021-27102

prion1 cisa_kev1 attackerkb1 nessus1 ics3 threatpost3 fireeye1 impervablog1 thn3 talosblog1 qualysblog2