Vulnerability Description
AIMANAGER before B115 on MONITORAPP Application Insight Web Application Firewall (AIWAF) devices with Manager 2.1.0 has Improper Authentication. An attacker can gain administrative access by modifying the response to an authentication check request.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Monitorapp | Application Insight Manager | >= b107, < b115 |
| Monitorapp | Application Insight Web Application Firewall | - |
Related Weaknesses (CWE)
References
- https://github.com/fireeye/Vulnerability-Disclosures/blob/master/FEYE-2021-0021/Third Party Advisory
- https://github.com/monitorapp-aicc/report/wiki/CVE-2021-36921Third Party Advisory
- https://www.monitorapp.com/waf/ProductVendor Advisory
- https://github.com/fireeye/Vulnerability-Disclosures/blob/master/FEYE-2021-0021/Third Party Advisory
- https://github.com/monitorapp-aicc/report/wiki/CVE-2021-36921Third Party Advisory
- https://www.monitorapp.com/waf/ProductVendor Advisory
FAQ
What is CVE-2021-36921?
CVE-2021-36921 is a vulnerability with a CVSS score of 8.8 (HIGH). AIMANAGER before B115 on MONITORAPP Application Insight Web Application Firewall (AIWAF) devices with Manager 2.1.0 has Improper Authentication. An attacker can gain administrative access by modifying...
How severe is CVE-2021-36921?
CVE-2021-36921 has been rated HIGH with a CVSS base score of 8.8/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2021-36921?
Check the references section above for vendor advisories and patch information. Affected products include: Monitorapp Application Insight Manager, Monitorapp Application Insight Web Application Firewall.