CVE-2021-3552

Name of the Vulnerable Software and Affected Versions: Bitdefender Endpoint Security Tools versions prior to 6.6.27.390 Bitdefender Endpoint Security Tools versions prior to 7.1.2.33 Bitdefender GravityZone version 6.24.1-1

Description: A Server-Side Request Forgery (SSRF) vulnerability in the EPPUpdateService component allows an attacker to proxy requests to the relay server.

Recommendations: For Bitdefender Endpoint Security Tools versions prior to 6.6.27.390, update to version 6.6.27.390 or later. For Bitdefender Endpoint Security Tools versions prior to 7.1.2.33, update to version 7.1.2.33 or later. For Bitdefender GravityZone version 6.24.1-1, consider disabling the EPPUpdateService component until a patch is available.