The server-request receiver function of Shockwall system has an improper authentication vulnerability. An authenticated attacker of an agent computer within the local area network can use the local registry information to launch server-side request forgery (SSRF) attack on another agent computer, resulting in arbitrary code execution for controlling the system or disrupting service.
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: twcert

Published: 2022-01-03T10:10:21.764261Z

Updated: 2024-09-16T20:32:34.721Z

Reserved: 2021-12-29T00:00:00

Link: CVE-2021-45917

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2022-01-03T10:15:08.390

Modified: 2024-11-21T06:33:16.283

Link: CVE-2021-45917

cve-icon Redhat

No data.