CVE-2021-22941

Improper Access Control in Citrix ShareFile storage zones controller before 5.11.20 may allow an unauthenticated attacker to remotely compromise...

Basic Information

CVE State: PUBLISHED
Reserved Date: January 06, 2021
Published Date: September 23, 2021
Last Updated: February 04, 2025
Vendor: n/a
Product: Citrix ShareFile storage zones controller
Description: Improper Access Control in Citrix ShareFile storage zones controller before 5.11.20 may allow an unauthenticated attacker to remotely compromise the storage zones controller.

CVSS Scores

CVSS v3.1

9.8 - CRITICAL

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

SSVC Information

Exploitation: active
Automatable: Yes
Technical Impact: total

Exploit Status

Exploited in the Wild: Yes (added 2022-03-25 00:00:00 UTC) Source
Proof of Concept Available: Yes (added 2021-10-12 14:52:38 UTC) Source
Used in Malware: Yes (added 2022-03-25 00:00:00 UTC) Source

References

https://support.citrix.com/article/CTX328123

Known Exploited Vulnerability Information

Source	Added Date
CISA	2022-03-25 00:00:00 UTC

Potential Proof of Concepts

Warning: These PoCs have not been tested and could contain malware. Use at your own risk.

hoavt18/CVE-2021-22941

Type: github • Created: 2021-10-12 14:52:38 UTC • Stars: 14