A flaw was found with the JWT token. A self-signed JWT token could be injected into the update manager and bypass the authentication process, thus could escalate privileges. This affects StarWind SAN and NAS build 1578 and StarWind Command Center build 6864.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: mitre
Published: 2022-01-04T15:40:34
Updated: 2024-08-04T04:39:20.701Z
Reserved: 2021-12-20T00:00:00
Link: CVE-2021-45389
Vulnrichment
No data.
NVD
Status : Modified
Published: 2022-01-04T16:15:09.727
Modified: 2024-11-21T06:32:09.183
Link: CVE-2021-45389
Redhat
No data.