CVE-2021-36921
HIGHMonitorapp Application Insight Manager < b115 - Authentication Bypass
Title source: ruleDescription
AIMANAGER before B115 on MONITORAPP Application Insight Web Application Firewall (AIWAF) devices with Manager 2.1.0 has Improper Authentication. An attacker can gain administrative access by modifying the response to an authentication check request.
References (3)
Core 3
Core References
Product, Vendor Advisory x_refsource_misc
https://www.monitorapp.com/waf/
Third Party Advisory x_refsource_misc
https://github.com/fireeye/Vulnerability-Disclosures/blob/master/FEYE-2021-0021/FEYE-2021-0021.md
Third Party Advisory x_refsource_confirm
https://github.com/monitorapp-aicc/report/wiki/CVE-2021-36921
Scores
CVSS v3
8.8
EPSS
0.0050
EPSS Percentile
66.0%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Details
CWE
CWE-287
Status
published
Products (1)
monitorapp/application_insight_manager
b107 - b115
Published
Aug 12, 2021
Tracked Since
Feb 18, 2026