PT-2022-11810 · Riverbed · Riverbed Appresponse

Published: 2022-06-03 · Updated: 2022-06-15 · CVE-2021-43271

CVSS v2.0: 7.1 (High)
Vector: AV:N/AC:H/Au:S/C:C/I:C/A:C
Name of the Vulnerable Software and Affected Versions: Riverbed AppResponse versions 11.8.0 through 11.11.5a

Description: The issue concerns the logging of usernames and passwords when incorrect credentials are entered during login to the WebUI. If a user enters an incorrect username and/or password, these attempted credentials are included in an error message that is logged in the WebUI log file. This does not occur if the username and password provided correctly match a valid set of credentials, or if AppResponse is configured to use SAML authentication. The WebUI log file is included in subsequently generated diagnostic system dumps, which can be accessed by users with Full Control access to the System Configuration permission, such as System Administrators.

Recommendations: For Riverbed AppResponse versions 11.8.0 through 11.11.5a, consider configuring the system to use SAML authentication to prevent the logging of incorrect usernames and passwords. Additionally, restrict access to the WebUI log file and diagnostic system dumps to minimize the risk of exposing attempted credentials. As a temporary workaround, consider limiting the number of login attempts to reduce the likelihood of credential logging. At the moment, there is no information about a newer version that contains a fix for this vulnerability.
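As an added illustration (constructed here, not Riverbed's code) of the pattern the description reports: a failed-login handler that writes the attempted credentials into its error log beside a hardened variant that logs only a correlatable hash of the username, plus a check a defender can run over WebUI log or diagnostic-dump lines to confirm no password values were written. The account store, the log line format and the `password=` field name are assumptions.

```python
"""Constructed example: logging of failed WebUI logins, vulnerable vs hardened."""
import hashlib
import hmac
import re
from typing import List

# Constructed demo account store: username -> sha256(password). Not AppResponse's scheme.
_ACCOUNTS = {"admin": hashlib.sha256(b"correct horse").hexdigest()}


def _credentials_valid(username: str, password: str) -> bool:
    expected = _ACCOUNTS.get(username)
    if expected is None:
        return False
    supplied = hashlib.sha256(password.encode()).hexdigest()
    return hmac.compare_digest(expected, supplied)


def login_vulnerable(username: str, password: str, log: List[str]) -> bool:
    """Mirrors the behaviour the advisory describes: only a failed attempt
    puts the submitted username and password into the logged error message."""
    if _credentials_valid(username, password):
        return True
    log.append(f"ERROR login failed: username={username!r} password={password!r}")
    return False


def login_hardened(username: str, password: str, log: List[str],
                   client_ip: str = "203.0.113.10") -> bool:
    """Still logs the failure (needed for brute-force detection) but never the
    secret; the username is reduced to a truncated hash so repeated attempts
    against one account remain correlatable in the log."""
    if _credentials_valid(username, password):
        return True
    user_tag = hashlib.sha256(username.encode()).hexdigest()[:12]
    log.append(f"ERROR login failed: user_hash={user_tag} client={client_ip}")
    return False


# Assumed field name; adjust to the real log format when auditing a dump.
_PASSWORD_FIELD = re.compile(r"\bpassword=['\"]?(?P<pw>[^'\" ]+)")


def find_logged_passwords(log_lines: List[str]) -> List[str]:
    """Defender check over WebUI log / diagnostic-dump lines: returns any
    password values that were written and therefore need credential rotation."""
    found = []
    for line in log_lines:
        match = _PASSWORD_FIELD.search(line)
        if match:
            found.append(match.group("pw"))
    return found
```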

Insertion into Log File

Weakness Enumeration

Related Identifiers

CVE-2021-43271

Affected Products

Riverbed Appresponse