CVE-2021-42857

Name of the Vulnerable Software and Affected Versions SteelCentral AppInternals Dynamic Sampling Agent (affected versions not specified)

Description The issue concerns a directory traversal vulnerability in the AgentDaServlet of the SteelCentral AppInternals Dynamic Sampling Agent. This vulnerability is located at the "/api/appInternals/1.0/agent/da/pcf" API endpoint. The problem arises because the affected endpoint lacks validation of the user's input, allowing a malicious payload to be injected.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.