Vulnerabilities > Riverbed > Steelcentral Appinternals Dynamic Sampling Agent > Medium
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2022-03-10 | CVE-2021-42855 | Incorrect Permission Assignment for Critical Resource vulnerability in Riverbed Steelcentral Appinternals Dynamic Sampling Agent 10.0.0/11.0.0/12.0.0 It was discovered that the SteelCentral AppInternals Dynamic Sampling Agent (DSA) uses the ".debug_command.config" file to store a json string that contains a list of IDs and pre-configured commands. | 4.6 |
2022-03-10 | CVE-2021-42856 | Cross-site Scripting vulnerability in Riverbed Steelcentral Appinternals Dynamic Sampling Agent 10.0.0 It was discovered that the /DsaDataTest endpoint is susceptible to Cross-site scripting (XSS) attack. | 4.3 |
2022-03-10 | CVE-2021-42857 | Path Traversal vulnerability in Riverbed Steelcentral Appinternals Dynamic Sampling Agent 10.0.0 It was discovered that the SteelCentral AppInternals Dynamic Sampling Agent's (DSA) AgentDaServlet has directory traversal vulnerabilities at the "/api/appInternals/1.0/agent/da/pcf" API. | 5.0 |