Exposures › CVE-2021-27102

CVE-2021-27102

Severity
critical · on CISA KEV actively exploited
Source
CISA-KEV · kev
Published
2021-11-03
Reference
⚡ RCE ⌖ exploited in the wild shame 95/100 ransomwarerceexploited-in-wild

Accellion FTA contains an OS command injection vulnerability exploited via a local web service call.

Players implicated

Description

Accellion FTA contains an OS command injection vulnerability exploited via a local web service call.

Sentiment · trusted sources

  • synthesis neutral +0.00
    No sentiment expressed; sources are CVE databases and aggregators with no commentary on vendor handling.
  • cooey ↗ neutral +0.00
    Neutral; NVD entry states facts without sentiment.
    “Accellion FTA contains an OS command injection vulnerability exploited via a local web service call.”
  • cve.akaoma.com ↗ neutral +0.00
    Neutral; CVE aggregator page with no vendor commentary.
  • www.cvefind.com ↗ neutral +0.00
    Neutral; CVE database site with no vendor commentary.
  • app.opencve.io ↗ neutral +0.00
    Neutral; CVE database site with no vendor commentary.
  • SentinelOne ↗ neutral +0.00
    Neutral; Vendor security page with no CVE commentary.
  • cvefeed.io ↗ neutral +0.00
    Neutral; CVE aggregator page with no vendor commentary.

Affected FedRAMP products 1 in the catalog

ProductProviderStatusMatch
Kiteworks Federal Cloud Accellion USA, LLC. Authorized vendor-exact · 0.90