CVE-2021-42786

Summary

It was discovered that the SteelCentral AppInternals Dynamic Sampling Agent (DSA) has Remote Code Execution vulnerabilities in multiple instances of the API requests. The affected endpoints do not have any input validation of the user's input that allowed a malicious payload to be injected.

Affected Software

VendorProductVersion RangeStatus
AternitySteelCentral AppInternals Dynamic Sampling Agent10.xaffected
AternitySteelCentral AppInternals Dynamic Sampling Agent12.13.0 < 12.13.0affected
AternitySteelCentral AppInternals Dynamic Sampling Agent11.8.8 < 11.8.8affected

Weaknesses

  • CWE-20: CWE-20 Improper Input Validation

ADP Enrichment

CVE Program Container

Additional References

References