Accellion FTA 9_12_370 and earlier is affected by SQL injection via a crafted Host header in a request to document_root.html. The fixed version is FTA_9_12_380 and later.
Capability ID | Capability Description | Mapping Type | ATT&CK ID | ATT&CK Name | Notes |
---|---|---|---|---|---|
CVE-2021-27101 | Accellion FTA SQL Injection Vulnerability | secondary_impact | T1005 | Data from Local System |
Comments
CVE-2021-27101 is a SQL injection vulnerability in Accellion File Transfer Appliance that allows an adversary to execute SQL commands.
References
|
CVE-2021-27101 | Accellion FTA SQL Injection Vulnerability | primary_impact | T1059 | Command and Scripting Interpreter |
Comments
CVE-2021-27101 is a SQL injection vulnerability in Accellion File Transfer Appliance that allows an adversary to execute SQL commands.
References
|