Vulnerabilities > Riverbed

DATE CVE VULNERABILITY TITLE RISK
2022-03-10 CVE-2021-42786 Improper Input Validation vulnerability in Riverbed Steelcentral Appinternals Dynamic Sampling Agent 10.0.0
It was discovered that the SteelCentral AppInternals Dynamic Sampling Agent (DSA) has Remote Code Execution vulnerabilities in multiple instances of the API requests.
network
low complexity
riverbed CWE-20
7.5
2022-03-10 CVE-2021-42787 Path Traversal vulnerability in Riverbed Steelcentral Appinternals Dynamic Sampling Agent 10.0.0
It was discovered that the SteelCentral AppInternals Dynamic Sampling Agent's (DSA) AgentConfigurationServlet has directory traversal vulnerabilities at the "/api/appInternals/1.0/agent/configuration" API.
network
low complexity
riverbed CWE-22
7.5
2022-03-10 CVE-2021-42853 Path Traversal vulnerability in Riverbed Steelcentral Appinternals Dynamic Sampling Agent 10.0.0
It was discovered that the SteelCentral AppInternals Dynamic Sampling Agent's (DSA) AgentDiagnosticServlet has directory traversal vulnerability at the "/api/appInternals/1.0/agent/diagnostic/logs" API.
network
low complexity
riverbed CWE-22
7.5
2022-03-10 CVE-2021-42854 Path Traversal vulnerability in Riverbed Steelcentral Appinternals Dynamic Sampling Agent 10.0.0
It was discovered that the SteelCentral AppInternals Dynamic Sampling Agent's (DSA) PluginServlet has directory traversal vulnerabilities at the "/api/appInternals/1.0/plugin/pmx" API.
network
low complexity
riverbed CWE-22
7.5
2022-03-10 CVE-2021-42855 Incorrect Authorization vulnerability in Riverbed Steelcentral Appinternals Dynamic Sampling Agent 10.0.0
It was discovered that the SteelCentral AppInternals Dynamic Sampling Agent (DSA) uses the ".debug_command.config" file to store a json string that contains a list of IDs and pre-configured commands.
local
low complexity
riverbed CWE-863
4.6
2022-03-10 CVE-2021-42856 Cross-site Scripting vulnerability in Riverbed Steelcentral Appinternals Dynamic Sampling Agent 10.0.0
It was discovered that the /DsaDataTest endpoint is susceptible to Cross-site scripting (XSS) attack.
network
riverbed CWE-79
4.3
2022-03-10 CVE-2021-42857 Path Traversal vulnerability in Riverbed Steelcentral Appinternals Dynamic Sampling Agent 10.0.0
It was discovered that the SteelCentral AppInternals Dynamic Sampling Agent's (DSA) AgentDaServlet has directory traversal vulnerabilities at the "/api/appInternals/1.0/agent/da/pcf" API.
network
low complexity
riverbed CWE-22
5.0
2020-07-27 CVE-2020-15593 Incorrect Permission Assignment for Critical Resource vulnerability in Riverbed Steelcentral Aternity Agent 11.0.0.120
SteelCentral Aternity Agent 11.0.0.120 on Windows mishandles IPC.
local
low complexity
riverbed CWE-732
7.2
2020-07-27 CVE-2020-15592 Path Traversal vulnerability in Riverbed Steelcentral Aternity Agent
SteelCentral Aternity Agent before 11.0.0.120 on Windows allows Privilege Escalation via a crafted file.
network
low complexity
riverbed CWE-22
5.0
2019-08-05 CVE-2019-3800 Information Exposure vulnerability in multiple products
CF CLI version prior to v6.45.0 (bosh release version 1.16.0) writes the client id and secret to its config file when the user authenticates with --client-credentials flag.
2.1