PT-2021-22451 · Capture · Capture
Jdhwpgmbca · Published 2021-09-07 · Updated 2022-08-05
CVE-2021-39196
CVSS v3.1: 7.7 (High)
Vector: AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N
Name of the Vulnerable Software and Affected Versions
pcapture versions prior to 3.12
Description
The issue allows an authenticated but unprivileged user to use the REST API to capture and download packets with no capture filter and without adequate permissions. This is significant because capture filters can limit the scope of information that a user can see in the data captures. If no filter is present, all data on the local network segment where the program is running can be captured and downloaded.
Recommendations
For versions prior to 3.12, upgrade to version 3.12 or greater to resolve the issue. There is no workaround, and upgrading is the only solution to fix the problem.
Fix
Improper Authentication
Improper Check for Exceptional Conditions
Affected Products
Capture