Vulnerabilities > Riverbed > High

DATE CVE VULNERABILITY TITLE RISK
2022-06-03 CVE-2021-43271 Information Exposure Through Log Files vulnerability in Riverbed Appresponse
Riverbed AppResponse 11.8.0, 11.8.5, 11.8.5a, 11.9.0, 11.9.0a, 11.10.0, 11.11.0, 11.11.0a, 11.11.1, 11.11.1a, 11.11.5, and 11.11.5a (when configured to use local, RADIUS, or TACACS authentication) logs usernames and passwords if either is entered incorrectly.
network
high complexity
riverbed CWE-532
7.1
2022-03-10 CVE-2021-42786 Improper Input Validation vulnerability in Riverbed Steelcentral Appinternals Dynamic Sampling Agent 10.0.0
It was discovered that the SteelCentral AppInternals Dynamic Sampling Agent (DSA) has Remote Code Execution vulnerabilities in multiple instances of the API requests.
network
low complexity
riverbed CWE-20
7.5
2022-03-10 CVE-2021-42787 Path Traversal vulnerability in Riverbed Steelcentral Appinternals Dynamic Sampling Agent 10.0.0
It was discovered that the SteelCentral AppInternals Dynamic Sampling Agent's (DSA) AgentConfigurationServlet has directory traversal vulnerabilities at the "/api/appInternals/1.0/agent/configuration" API.
network
low complexity
riverbed CWE-22
7.5
2022-03-10 CVE-2021-42853 Path Traversal vulnerability in Riverbed Steelcentral Appinternals Dynamic Sampling Agent 10.0.0
It was discovered that the SteelCentral AppInternals Dynamic Sampling Agent's (DSA) AgentDiagnosticServlet has directory traversal vulnerability at the "/api/appInternals/1.0/agent/diagnostic/logs" API.
network
low complexity
riverbed CWE-22
7.5
2022-03-10 CVE-2021-42854 Path Traversal vulnerability in Riverbed Steelcentral Appinternals Dynamic Sampling Agent 10.0.0
It was discovered that the SteelCentral AppInternals Dynamic Sampling Agent's (DSA) PluginServlet has directory traversal vulnerabilities at the "/api/appInternals/1.0/plugin/pmx" API.
network
low complexity
riverbed CWE-22
7.5
2020-07-27 CVE-2020-15593 Incorrect Permission Assignment for Critical Resource vulnerability in Riverbed Steelcentral Aternity Agent 11.0.0.120
SteelCentral Aternity Agent 11.0.0.120 on Windows mishandles IPC.
local
low complexity
riverbed CWE-732
7.2
2017-04-04 CVE-2017-7307 Incorrect Permission Assignment for Critical Resource vulnerability in Riverbed Rios
Riverbed RiOS before 9.0.1 does not properly restrict shell access in single-user mode, which makes it easier for physically proximate attackers to obtain root privileges and access decrypted data by replacing the /opt/tms/bin/cli file.
local
low complexity
riverbed CWE-732
7.2