Vulnerability Description
A cross-site scripting (XSS) vulnerability has been reported and confirmed for BeyondTrust Secure Remote Access Base Software version 6.0.1 and older, which allows the injection of unauthenticated, specially-crafted web requests without proper sanitization.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Beyondtrust | Appliance Base Software | <= 6.0.1 |
Related Weaknesses (CWE)
References
- http://packetstormsecurity.com/files/165408/BeyondTrust-Remote-Support-6.0-CrossExploitThird Party AdvisoryVDB Entry
- https://cxsecurity.com/issue/WLB-2022010013ExploitIssue TrackingThird Party Advisory
- https://www.beyondtrust.com/docs/release-notes/index.htmRelease NotesVendor Advisory
- http://packetstormsecurity.com/files/165408/BeyondTrust-Remote-Support-6.0-CrossExploitThird Party AdvisoryVDB Entry
- https://cxsecurity.com/issue/WLB-2022010013ExploitIssue TrackingThird Party Advisory
- https://www.beyondtrust.com/docs/release-notes/index.htmRelease NotesVendor Advisory
FAQ
What is CVE-2021-31589?
CVE-2021-31589 is a vulnerability with a CVSS score of 6.1 (MEDIUM). A cross-site scripting (XSS) vulnerability has been reported and confirmed for BeyondTrust Secure Remote Access Base Software version 6.0.1 and older, which allows the injection of unauthenticated, sp...
How severe is CVE-2021-31589?
CVE-2021-31589 has been rated MEDIUM with a CVSS base score of 6.1/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2021-31589?
Check the references section above for vendor advisories and patch information. Affected products include: Beyondtrust Appliance Base Software.