CVE-2021-3552 - OpenCVE

A Server-Side Request Forgery (SSRF) vulnerability in the EPPUpdateService component of Bitdefender Endpoint Security Tools allows an attacker to proxy requests to the relay server. This issue affects: Bitdefender Endpoint Security Tools versions prior to 6.6.27.390; versions prior to 7.1.2.33. Bitdefender GravityZone 6.24.1-1.

No CVSS v4.0

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact Low

Integrity Impact None

Availability Impact None

User Interaction None

No CVSS v3.0

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact Partial

Integrity Impact None

Availability Impact None

AV:N/AC:L/Au:N/C:P/I:N/A:N

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Bitdefender	Endpoint Security Tools Gravityzone

Configuration 1 [-]

OR	cpe:2.3:a:bitdefender:endpoint_security_tools::::::-::*
	cpe:2.3:a:bitdefender:endpoint_security_tools::::::::
	cpe:2.3:a:bitdefender:endpoint_security_tools::::::::
	cpe:2.3:a:bitdefender:gravityzone:6.24.1-1:::::::*

No data.

References

Link	Providers
https://www.bitdefender.com/support/security-advisories/insufficient-validation-regular-expression-eppupdateservice-config-file-va-9825

History

No history.

MITRE

Status: PUBLISHED

Assigner: Bitdefender

Published: 2021-11-24T14:40:13.004867Z

Updated: 2024-09-16T17:33:06.659Z

Reserved: 2021-05-17T00:00:00

Link: CVE-2021-3552

Vulnrichment

No data.

NVD

Status : Analyzed

Published: 2021-11-24T16:15:13.667

Modified: 2021-12-01T14:53:45.653

Link: CVE-2021-3552

Redhat

No data.

{"containers": {"cna": {"affected": [{"product": "Endpoint Security Tools", "vendor": "Bitdefender", "versions": [{"lessThan": "6.6.27.390", "status": "affected", "version": "unspecified", "versionType": "custom"}, {"lessThan": "7.1.2.33", "status": "affected", "version": "unspecified", "versionType": "custom"}]}, {"product": "GravityZone", "vendor": "Bitdefender", "versions": [{"status": "affected", "version": "6.24.1-1"}]}], "credits": [{"lang": "en", "value": "Nicolas VERDIER, Cybersecurity Consultant at TEHTRIS"}], "datePublic": "2021-06-05T00:00:00", "descriptions": [{"lang": "en", "value": "A Server-Side Request Forgery (SSRF) vulnerability in the EPPUpdateService component of Bitdefender Endpoint Security Tools allows an attacker to proxy requests to the relay server. This issue affects: Bitdefender Endpoint Security Tools versions prior to 6.6.27.390; versions prior to 7.1.2.33. Bitdefender GravityZone 6.24.1-1."}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", "version": "3.1"}}], "problemTypes": [{"descriptions": [{"cweId": "CWE-918", "description": "CWE-918 Server-Side Request Forgery (SSRF)", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"dateUpdated": "2021-11-24T14:40:12", "orgId": "b3d5ebe7-963e-41fb-98e1-2edaeabb8f82", "shortName": "Bitdefender"}, "references": [{"tags": ["x_refsource_MISC"], "url": "https://www.bitdefender.com/support/security-advisories/insufficient-validation-regular-expression-eppupdateservice-config-file-va-9825"}], "source": {"advisory": "VA-9825", "discovery": "EXTERNAL"}, "title": "Insufficient validation on regular expression in EPPUpdateService config file (VA-9825)", "workarounds": [{"lang": "en", "value": "An automatic update to version 6.6.27.390 fixes the issue."}], "x_generator": {"engine": "Vulnogram 0.0.9"}, "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve-requests@bitdefender.com", "DATE_PUBLIC": "2021-06-05T09:00:00.000Z", "ID": "CVE-2021-3552", "STATE": "PUBLIC", "TITLE": "Insufficient validation on regular expression in EPPUpdateService config file (VA-9825)"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "Endpoint Security Tools", "version": {"version_data": [{"version_affected": "<", "version_value": "6.6.27.390"}, {"version_affected": "<", "version_value": "7.1.2.33"}]}}, {"product_name": "GravityZone", "version": {"version_data": [{"version_value": "6.24.1-1"}]}}]}, "vendor_name": "Bitdefender"}]}}, "credit": [{"lang": "eng", "value": "Nicolas VERDIER, Cybersecurity Consultant at TEHTRIS"}], "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "A Server-Side Request Forgery (SSRF) vulnerability in the EPPUpdateService component of Bitdefender Endpoint Security Tools allows an attacker to proxy requests to the relay server. This issue affects: Bitdefender Endpoint Security Tools versions prior to 6.6.27.390; versions prior to 7.1.2.33. Bitdefender GravityZone 6.24.1-1."}]}, "generator": {"engine": "Vulnogram 0.0.9"}, "impact": {"cvss": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", "version": "3.1"}}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "CWE-918 Server-Side Request Forgery (SSRF)"}]}]}, "references": {"reference_data": [{"name": "https://www.bitdefender.com/support/security-advisories/insufficient-validation-regular-expression-eppupdateservice-config-file-va-9825", "refsource": "MISC", "url": "https://www.bitdefender.com/support/security-advisories/insufficient-validation-regular-expression-eppupdateservice-config-file-va-9825"}]}, "source": {"advisory": "VA-9825", "discovery": "EXTERNAL"}, "work_around": [{"lang": "en", "value": "An automatic update to version 6.6.27.390 fixes the issue."}]}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-03T17:01:08.290Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://www.bitdefender.com/support/security-advisories/insufficient-validation-regular-expression-eppupdateservice-config-file-va-9825"}]}]}, "cveMetadata": {"assignerOrgId": "b3d5ebe7-963e-41fb-98e1-2edaeabb8f82", "assignerShortName": "Bitdefender", "cveId": "CVE-2021-3552", "datePublished": "2021-11-24T14:40:13.004867Z", "dateReserved": "2021-05-17T00:00:00", "dateUpdated": "2024-09-16T17:33:06.659Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:bitdefender:endpoint_security_tools:*:*:*:*:*:-:*:*", "matchCriteriaId": "BC888582-44E4-4FD0-9847-9D98E85E1C22", "versionEndExcluding": "6.2.21.160", "vulnerable": true}, {"criteria": "cpe:2.3:a:bitdefender:endpoint_security_tools:*:*:*:*:*:*:*:*", "matchCriteriaId": "60CD3395-8839-4682-B0AB-3014302A92DC", "versionEndExcluding": "6.6.27.390", "versionStartIncluding": "6.6.27.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:bitdefender:endpoint_security_tools:*:*:*:*:*:*:*:*", "matchCriteriaId": "B1087345-C896-4934-A019-552B2B9F303F", "versionEndExcluding": "7.1.2.33", "versionStartIncluding": "7.0.0.00", "vulnerable": true}, {"criteria": "cpe:2.3:a:bitdefender:gravityzone:6.24.1-1:*:*:*:*:*:*:*", "matchCriteriaId": "7D891393-9AC4-434F-B1D1-2D1B2FA7C0C9", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "A Server-Side Request Forgery (SSRF) vulnerability in the EPPUpdateService component of Bitdefender Endpoint Security Tools allows an attacker to proxy requests to the relay server. This issue affects: Bitdefender Endpoint Security Tools versions prior to 6.6.27.390; versions prior to 7.1.2.33. Bitdefender GravityZone 6.24.1-1."}, {"lang": "es", "value": "Una vulnerabilidad de tipo Server-Side Request Forgery (SSRF) en el componente EPPUpdateService de Bitdefender Endpoint Security Tools permite a un atacante enviar peticiones al servidor de retransmisi\u00f3n. Este problema afecta a: Las versiones de Bitdefender Endpoint Security Tools anteriores a 6.6.27.390; las versiones anteriores a 7.1.2.33. Bitdefender GravityZone 6.24.1-1"}], "id": "CVE-2021-3552", "lastModified": "2021-12-01T14:53:45.653", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 5.0, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 1.4, "source": "cve-requests@bitdefender.com", "type": "Secondary"}]}, "published": "2021-11-24T16:15:13.667", "references": [{"source": "cve-requests@bitdefender.com", "tags": ["Broken Link"], "url": "https://www.bitdefender.com/support/security-advisories/insufficient-validation-regular-expression-eppupdateservice-config-file-va-9825"}], "sourceIdentifier": "cve-requests@bitdefender.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-918"}], "source": "nvd@nist.gov", "type": "Primary"}, {"description": [{"lang": "en", "value": "CWE-918"}], "source": "cve-requests@bitdefender.com", "type": "Secondary"}]}