PT-2021-14159 · Unknown · Clusterpro X+3

Published

2021-11-02

Updated

2022-04-29

CVE-2021-20700

CVSS v3.1

9.8

Critical

Vector

AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions: CLUSTERPRO X versions 4.3 and earlier EXPRESSCLUSTER X versions 4.3 and earlier CLUSTERPRO X SingleServerSafe versions 4.3 and earlier EXPRESSCLUSTER X SingleServerSafe versions 4.3 and earlier

Description: The issue allows an attacker to achieve remote code execution via a network due to a buffer overflow vulnerability in the Disk Agent.

Recommendations: For CLUSTERPRO X versions 4.3 and earlier, update to a version later than 4.3 to resolve the issue. For EXPRESSCLUSTER X versions 4.3 and earlier, update to a version later than 4.3 to resolve the issue. For CLUSTERPRO X SingleServerSafe versions 4.3 and earlier, update to a version later than 4.3 to resolve the issue. For EXPRESSCLUSTER X SingleServerSafe versions 4.3 and earlier, update to a version later than 4.3 to resolve the issue.

Fix

Buffer Overflow

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-120

Related Identifiers

CVE-2021-20700

Affected Products

Clusterpro X

Clusterpro X Singleserversafe

Expresscluster X

Expresscluster X Singleserversafe

PT-2021-14159 · Unknown · Clusterpro X+3

CVE-2021-20700

Weakness Enumeration

Related Identifiers

Affected Products

References · 4