CVE-2021-27101 | Cybersecurity Alerts | Nexus IT Services, LLC

← Back to Cybersecurity Alerts

CVE-2021-27101

Accellion | FTAAdded 2021-11-03Remediation Deadline 2021-11-17Active Ransomware Campaign

Accellion FTA SQL Injection Vulnerability

Accellion FTA contains a SQL injection vulnerability exploited via a crafted host header in a request to document_root.html.

Required Action

Apply updates per vendor instructions.

Weakness Classification

CWE-89

CWE-138

References

https://nvd.nist.gov/vuln/detail/CVE-2021-27101