Vulnerability Description
Successful exploitation of this vulnerability on Claroty Secure Remote Access (SRA) Site versions 3.0 through 3.2 allows an attacker with local command line interface access to gain the secret key, subsequently allowing them to generate valid session tokens for the web user interface (UI). With access to the web UI an attacker can access assets managed by the SRA installation and could compromise the installation.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Claroty | Secure Remote Access | >= 3.0, <= 3.2 |
Related Weaknesses (CWE)
References
- https://www.cisa.gov/uscert/ics/advisories/icsa-21-180-06Third Party AdvisoryUS Government Resource
- https://www.cisa.gov/uscert/ics/advisories/icsa-21-180-06Third Party AdvisoryUS Government Resource
FAQ
What is CVE-2021-32958?
CVE-2021-32958 is a vulnerability with a CVSS score of 5.5 (MEDIUM). Successful exploitation of this vulnerability on Claroty Secure Remote Access (SRA) Site versions 3.0 through 3.2 allows an attacker with local command line interface access to gain the secret key, su...
How severe is CVE-2021-32958?
CVE-2021-32958 has been rated MEDIUM with a CVSS base score of 5.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2021-32958?
Check the references section above for vendor advisories and patch information. Affected products include: Claroty Secure Remote Access.