CVE-2021-22941
CVE-2021-22941
In short
Citrix ShareFile's storage zones controller has a flaw that allows someone without credentials to take over the system remotely. This is critical because attackers can gain full control without needing any password or authentication.
Technical detail
An improper access control vulnerability (CWE-284) in Citrix ShareFile storage zones controller versions before 5.11.20 allows unauthenticated remote attackers to compromise the affected system. The vulnerability requires no prior authentication or user interaction, enabling complete system takeover with CVSS 9.8 severity.
Summary generated and translated by AI from the official description.
Improper Access Control in Citrix ShareFile storage zones controller before 5.11.20 may allow an unauthenticated attacker to remotely compromise the storage zones controller.
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Affected products
n/a · Citrix ShareFile storage zones controllerpublic PoCs found — 2
githubgithub.com/hoav18/CVE-2021-22941★ 13githubgithub.com/pratikjojode/citrix-cve-2021-22941-lab★ 0⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.
Want to know if your infrastructure is exposed to this?
Talk to TrueHacking →