Accellion File Transfer Appliance Multiple Vulnerabilities
Release Date:
4 Mar 2021
5039
Views
RISK: Extremely High Risk
TYPE: Servers - Other Servers
Multiple vulnerabilities were identified in Accellion File Transfer Appliance, a remote user could exploit some of these vulnerabilities to trigger remote code execution, cross-site scripting and security restriction bypass on the targeted system.
Note:
CVE-2021-27101, CVE-2021-27102, CVE-2021-27103, CVE-2021-27104 are being exploited in the wild
Impact
- Cross-Site Scripting
- Remote Code Execution
- Security Restriction Bypass
System / Technologies affected
- FTA version prior to 9.12.444
Solutions
Before installation of the software, please visit the vendor web-site for more details.
- Apply fixes issued by the vendor:
https://www.accellion.com/sites/default/files/trust-center/accellion-fta-attack-mandiant-report-full.pdf
Vulnerability Identifier
Source
Related Link
Share with