The server-request receiver function of Shockwall system has an improper authentication vulnerability. An authenticated attacker of an agent computer within the local area network can use the local registry information to launch server-side request forgery (SSRF) attack on another agent computer, resulting in arbitrary code execution for controlling the system or disrupting service.
Metrics
Affected Vendors & Products
References
Link | Providers |
---|---|
https://www.twcert.org.tw/tw/cp-132-5433-77f6f-1.html |
History
No history.
MITRE
Status: PUBLISHED
Assigner: twcert
Published: 2022-01-03T10:10:21.764261Z
Updated: 2024-09-16T20:32:34.721Z
Reserved: 2021-12-29T00:00:00
Link: CVE-2021-45917
Vulnrichment
No data.
NVD
Status : Modified
Published: 2022-01-03T10:15:08.390
Modified: 2024-11-21T06:33:16.283
Link: CVE-2021-45917
Redhat
No data.