CVE-2021-41845
MEDIUMThycotic Secret Server 10.9.000032-11.0.000006 - SQL Injection
Title source: llmDescription
A SQL injection issue was discovered in ThycoticCentrify Secret Server before 11.0.000007. The only affected versions are 10.9.000032 through 11.0.000006.
References (2)
Core 2
Core References
Vendor Advisory x_refsource_misc
https://docs.thycotic.com/bulletins/current/2021/11.0.000007.md
Release Notes, Vendor Advisory x_refsource_misc
https://docs.thycotic.com/ss/11.0.0/release-notes/ss-rn-11-0-000007.md
Scores
CVSS v3
6.5
EPSS
0.0066
EPSS Percentile
47.3%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
Details
CWE
CWE-89
Status
published
Products (1)
thycotic/secret_server
10.9.000032 - 11.0.000007
Published
Oct 01, 2021
Tracked Since
Feb 18, 2026