PT-2021-23293 · Teleport · Teleport

Published

2021-09-18

Updated

2021-09-29

CVE-2021-41395

CVSS v3.1

6.5

Medium

Vector

AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N

Name of the Vulnerable Software and Affected Versions Teleport versions prior to 6.2.12 Teleport versions 7.x prior to 7.1.1

Description The issue allows attackers to control a database connection string, in some situations, via a crafted database name or username.

Recommendations For Teleport versions prior to 6.2.12, update to version 6.2.12 or later. For Teleport versions 7.x prior to 7.1.1, update to version 7.1.1 or later.

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2021-41395

Affected Products

Teleport

PT-2021-23293 · Teleport · Teleport

CVE-2021-41395

Related Identifiers

Affected Products

References · 5