CVE-2024-3781

Name of the Vulnerable Software and Affected Versions WBSAirback version 21.02.04

Description The issue is related to a command injection vulnerability in the operating system, specifically due to improper neutralisation of special elements in Active Directory integration. This allows the intended command to be modified when sent to a downstream component.

Recommendations For WBSAirback version 21.02.04, consider restricting access to the Active Directory integration component to minimize the risk of exploitation until a patch is available. As a temporary workaround, avoid using special elements in commands sent to downstream components. At the moment, there is no information about a newer version that contains a fix for this vulnerability.