CVE-2021-42786
CRITICALSteelCentral AppInternals Dynamic Sampling Agent 11.0.0-11.8.7 - Remote Code Execution via API Request Injection
Title source: llmDescription
It was discovered that the SteelCentral AppInternals Dynamic Sampling Agent (DSA) has Remote Code Execution vulnerabilities in multiple instances of the API requests. The affected endpoints do not have any input validation of the user's input that allowed a malicious payload to be injected.
References (1)
Core 1
Core References
Third Party Advisory x_refsource_confirm
https://aternity.force.com/customersuccess/s/article/Remote-Code-Execution-at-AgentControllerServlet-CVE-2021-42786
Scores
CVSS v3
9.8
EPSS
0.0196
EPSS Percentile
77.8%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Details
CWE
CWE-20
Status
published
Products (2)
riverbed/steelcentral_appinternals_dynamic_sampling_agent
10.0.0
riverbed/steelcentral_appinternals_dynamic_sampling_agent
11.0.0 - 11.8.8
Published
Mar 10, 2022
Tracked Since
Feb 18, 2026