Exposures › CVE-2021-27103
CVE-2021-27103
Severity
critical · on CISA KEV actively exploited
Source
CISA-KEV · kev
Published
2021-11-03
Reference
⌖ exploited in the wild
shame 80/100
ransomwareexploited-in-wild
Accellion FTA contains a server-side request forgery (SSRF) vulnerability exploited via a crafted POST request to wmProgressstat.html.
Players implicated
Description
Accellion FTA contains a server-side request forgery (SSRF) vulnerability exploited via a crafted POST request to wmProgressstat.html.
Sentiment · trusted sources
-
synthesis severe-fallout -0.60Vulnerability disclosed with minimal context, no praise for handling.
-
Neutral disclosure, no commendation.
“Accellion FTA contains a server-side request forgery (SSRF) vulnerability exploited via a crafted POST request to wmProgressstat.html.”
Affected FedRAMP products 1 in the catalog
| Product | Provider | Status | Match |
|---|---|---|---|
| Kiteworks Federal Cloud | Accellion USA, LLC. | Authorized | vendor-exact · 0.90 |