PT-2021-18207 · Sydent · Sydent
Richvdh · Published 2021-04-15 · Updated 2021-04-22 · CVE-2021-29431
CVSS v3.1: 7.7 (High)
| Vector | AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N |
Name of the Vulnerable Software and Affected Versions:
Sydent versions prior to the versions including fixes 9e57334, 8936925, 3d531ed, 0f00412
Description:
The issue allows Sydent to be induced to send HTTP GET requests to internal systems due to a lack of parameter validation or IP address blacklisting. Although it is not possible to exfiltrate data or control request headers, the attack might be used to perform an internal port enumeration.
Recommendations:
Update to a version that includes the fixes 9e57334, 8936925, 3d531ed and 0f00412 to resolve the issue.
As a temporary workaround, consider configuring a firewall so that Sydent cannot reach internal HTTP resources.
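The root cause above is outbound requests whose target is taken from an untrusted parameter without checking where it resolves. As an added illustration of the missing control (example code written for this page, not Sydent's own fix), the function below rejects URLs whose host is, or resolves to, a loopback, link-local or private address before any GET is issued; the `resolver` parameter and the address list are assumptions used so the check can be exercised offline.

```python
import ipaddress
import socket
from urllib.parse import urlparse

# Constructed deny-list of ranges an identity server should never fetch from:
# loopback, RFC 1918 private, link-local, "this host", IPv6 ULA and unspecified.
BLOCKED_NETWORKS = [ipaddress.ip_network(n) for n in (
    "127.0.0.0/8", "10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16",
    "169.254.0.0/16", "0.0.0.0/8", "::1/128", "fc00::/7", "fe80::/10", "::/128",
)]


def is_blocked_ip(addr: str) -> bool:
    """True if the address falls inside any blocked range."""
    ip = ipaddress.ip_address(addr)
    # Unwrap IPv4-mapped IPv6 (::ffff:10.0.0.1) so it is checked as IPv4.
    if isinstance(ip, ipaddress.IPv6Address) and ip.ipv4_mapped is not None:
        ip = ip.ipv4_mapped
    return any(ip in net for net in BLOCKED_NETWORKS)


def resolve_host(host: str) -> list:
    """All addresses the host resolves to; an IP literal resolves to itself."""
    try:
        return [str(ipaddress.ip_address(host))]
    except ValueError:
        pass  # not a literal, fall through to DNS
    return sorted({info[4][0] for info in socket.getaddrinfo(host, None)})


def validate_outbound_url(url: str, resolver=resolve_host) -> list:
    """Return the resolved addresses for url, or raise ValueError if any
    address is internal or the URL is not plain http(s)."""
    parsed = urlparse(url)
    if parsed.scheme not in ("http", "https"):
        raise ValueError("unsupported scheme: %r" % parsed.scheme)
    host = parsed.hostname  # strips brackets from IPv6 literals and any port
    if not host:
        raise ValueError("missing host in %r" % url)
    addrs = resolver(host)
    if not addrs:
        raise ValueError("host %r did not resolve" % host)
    for addr in addrs:
        if is_blocked_ip(addr):
            raise ValueError("refusing request to internal address %s" % addr)
    return addrs
```

Because a hostname can be re-resolved between this check and the actual connection, a production implementation should connect to the addresses returned here rather than resolving the name a second time.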
Fix
SSRF
RCE
Affected Products
Sydent