PT-2021-21408 · Unknown+1 · Monitorapp Application Insight Web Application Firewall+1

Sameer S. Mohite

Published

2021-08-12

Updated

2021-08-24

CVE-2021-36921

CVSS v3.1

8.8

High

Vector

AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions AIMANAGER version 2.1.0 before B115 on MONITORAPP Application Insight Web Application Firewall (AIWAF) devices

Description The issue allows an attacker to gain administrative access by modifying the response to an authentication check request, due to improper authentication.

Recommendations For AIMANAGER version 2.1.0 before B115, update to a version that includes the B115 patch or later to resolve the issue.

Exploit

Fix

Improper Authentication

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-287

Related Identifiers

CVE-2021-36921

Affected Products

Aimanager

Monitorapp Application Insight Web Application Firewall

PT-2021-21408 · Unknown+1 · Monitorapp Application Insight Web Application Firewall+1

CVE-2021-36921

Weakness Enumeration

Related Identifiers

Affected Products

References · 5