Exposures › CVE-2021-27101

CVE-2021-27101

Severity
critical · on CISA KEV actively exploited
Source
CISA-KEV · kev
Published
2021-11-03
Reference
◐ zero-day ⌖ exploited in the wild shame 80/100 ransomwareexploited-in-wildzero-day

Accellion FTA contains a SQL injection vulnerability exploited via a crafted host header in a request to document_root.html.

Players implicated

Description

Accellion FTA contains a SQL injection vulnerability exploited via a crafted host header in a request to document_root.html.

Sentiment · trusted sources

  • synthesis neutral +0.00
    No sentiment expressed; only technical facts and catalog listings.
  • cooey ↗ neutral +0.00
    Neutral; technical fact only.
    “Accellion FTA contains a SQL injection vulnerability exploited via a crafted host header in a request to document_root.html.”
  • SentinelOne ↗ neutral +0.00
    Neutral; no mention of Accellion or CVE-2021-27101.
  • www.cvefind.com ↗ neutral +0.00
    Neutral; no mention of Accellion or CVE-2021-27101.
  • CISA ↗ neutral +0.00
    Neutral; no mention of Accellion or CVE-2021-27101.
  • cvefeed.io ↗ neutral +0.00
    Neutral; no mention of Accellion or CVE-2021-27101.
  • app.opencve.io ↗ neutral +0.00
    Neutral; no mention of Accellion or CVE-2021-27101.
  • NVD ↗ neutral +0.00
    Neutral; no mention of Accellion or CVE-2021-27101.

Affected FedRAMP products 1 in the catalog

ProductProviderStatusMatch
Kiteworks Federal Cloud Accellion USA, LLC. Authorized vendor-exact · 0.90