CVE-2021-36921
HIGHAIMANAGER < b115 - Improper Authentication via Authentication Response Tampering
Title source: llmDescription
AIMANAGER before B115 on MONITORAPP Application Insight Web Application Firewall (AIWAF) devices with Manager 2.1.0 has Improper Authentication. An attacker can gain administrative access by modifying the response to an authentication check request.
References (3)
Core 3
Core References
Product, Vendor Advisory x_refsource_misc
https://www.monitorapp.com/waf/
Third Party Advisory x_refsource_misc
https://github.com/fireeye/Vulnerability-Disclosures/blob/master/FEYE-2021-0021/FEYE-2021-0021.md
Third Party Advisory x_refsource_confirm
https://github.com/monitorapp-aicc/report/wiki/CVE-2021-36921
Scores
CVSS v3
8.8
EPSS
0.0137
EPSS Percentile
68.3%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Details
CWE
CWE-287
Status
published
Products (1)
monitorapp/application_insight_manager
b107 - b115
Published
Aug 12, 2021
Tracked Since
Feb 18, 2026