PT-2022-10038 · Beyondtrust · Beyondtrust Secure Remote Access Base

Ahmed Aboul-Ela +1 · Published 2022-01-05 · Updated 2022-02-07 · CVE-2021-31589

CVSS v3.1: 6.1 (Medium)
Vector: AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Name of the Vulnerable Software and Affected Versions: BeyondTrust Secure Remote Access Base Software versions prior to 6.0.2

Description: A cross-site scripting (XSS) issue allows the injection of specially crafted web requests without proper sanitization. An unauthenticated attacker can send a crafted web request to the server; by tricking an administrator into submitting it (a combined XSS/CSRF attack against the "/appliance/users?action=edit" endpoint), the attacker can cause a new admin account to be created and thereby gain full admin access to the appliance.

Recommendations: For BeyondTrust Secure Remote Access Base Software versions prior to 6.0.2, update to a version newer than 6.0.1 to resolve the issue. As a temporary workaround, consider restricting access to the "/appliance/users?action=edit" endpoint to minimize the risk of exploitation.
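The workaround above restricts who may reach the user-edit endpoint; the following added example (not from the advisory or from BeyondTrust) scans web-server access logs in combined log format for requests to "/appliance/users?action=edit" that either originate outside an allowed admin network or are state-changing POSTs whose Referer is missing or points to another site, the CSRF pattern described above. The appliance hostname, the admin network and the log lines are constructed for the example.

```python
import ipaddress
import re
from urllib.parse import urlsplit

# Constructed sample access-log lines in combined log format (not real traffic).
SAMPLE_LOG = """\
10.0.5.20 - - [05/Jan/2022:10:00:01 +0000] "GET /appliance/users?action=edit HTTP/1.1" 200 512 "https://appliance.example.internal/appliance/users" "Mozilla/5.0"
10.0.5.20 - - [05/Jan/2022:10:00:07 +0000] "POST /appliance/users?action=edit HTTP/1.1" 302 0 "https://attacker.example/lure.html" "Mozilla/5.0"
203.0.113.7 - - [05/Jan/2022:10:00:09 +0000] "POST /appliance/users?action=edit HTTP/1.1" 302 0 "-" "curl/7.68.0"
10.0.5.20 - - [05/Jan/2022:10:00:12 +0000] "GET /appliance/login HTTP/1.1" 200 1024 "-" "Mozilla/5.0"
"""

# Combined log format: ip ident user [time] "method path proto" status bytes "referer" "user-agent"
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] "(?P<method>\S+) (?P<path>\S+) [^"]*" '
    r'(?P<status>\d{3}) \S+ "(?P<referer>[^"]*)" "(?P<ua>[^"]*)"$'
)

TARGET_PATH = "/appliance/users"   # endpoint named in the advisory
TARGET_QUERY = "action=edit"


def find_suspicious(log_text, appliance_host, admin_networks):
    """Return (ip, method, reason) tuples for requests to the user-edit endpoint
    that come from outside the admin networks or are POSTs with a missing or
    cross-site Referer (the CSRF indicator)."""
    nets = [ipaddress.ip_network(n) for n in admin_networks]
    hits = []
    for line in log_text.splitlines():
        m = LOG_RE.match(line)
        if not m:
            continue  # unparsable line; skip rather than guess
        url = urlsplit(m["path"])
        if url.path != TARGET_PATH or TARGET_QUERY not in url.query:
            continue
        reasons = []
        if not any(ipaddress.ip_address(m["ip"]) in n for n in nets):
            reasons.append("source outside admin network")
        ref_host = urlsplit(m["referer"]).hostname if m["referer"] != "-" else None
        if m["method"] == "POST" and ref_host != appliance_host:
            reasons.append("cross-site or missing Referer on state change")
        if reasons:
            hits.append((m["ip"], m["method"], "; ".join(reasons)))
    return hits


if __name__ == "__main__":
    for hit in find_suspicious(SAMPLE_LOG, "appliance.example.internal", ["10.0.5.0/24"]):
        print(hit)
```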

Exploit · Fix · XSS


Weakness Enumeration

Related Identifiers: CVE-2021-31589

Affected Products: Beyondtrust Secure Remote Access Base