Lucene search

F-SecureUSCVELIST:CVE-2021-33601

HistorySep 28, 2021 - 9:08 a.m.

CVE-2021-33601 Arbitrary Code Execution in Web Interface of F-Secure Internet Gatekeeper

2021-09-2809:08:33

F-SecureUS

www.cve.org

7.6 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:H/A:H

9 High

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

42.9%

JSON

A vulnerability was discovered in the web user interface of F-Secure Internet Gatekeeper. An authenticated user can modify settings through the web user interface in a way that could lead to an arbitrary code execution on the F-Secure Internet Gatekeeper server.

CNA Affected

[
  {
    "product": "F-Secure Internet Gatekeeper",
    "vendor": "F-Secure",
    "versions": [
      {
        "status": "affected",
        "version": "5 Series All Version "
      }
    ]
  }
]

References

www.f-secure.com/en/business/programs/vulnerability-reward-program/hall-of-fame

www.f-secure.com/en/business/support-and-downloads/security-advisories/cve-2021-33601

7.6 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:H/A:H

9 High

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

42.9%

JSON

Related for CVELIST:CVE-2021-33601