Accellion FTA 9_12_411 and earlier is affected by SSRF via a crafted POST request to wmProgressstat.html. The fixed version is FTA_9_12_416 and later.
Capability ID | Capability Description | Mapping Type | ATT&CK ID | ATT&CK Name | Notes |
---|---|---|---|---|---|
CVE-2021-27103 | Accellion FTA Server-Side Request Forgery (SSRF) Vulnerability | secondary_impact | T1005 | Data from Local System |
Comments
CVE-2021-27103 is a server-side request forgery vulnerability in Accellion File Transfer Appliance in Accellion that allows an adversary to manipulate server requests via a crafted POST request.
References
|
CVE-2021-27103 | Accellion FTA Server-Side Request Forgery (SSRF) Vulnerability | exploitation_technique | T1190 | Exploit Public-Facing Application |
Comments
CVE-2021-27103 is a server-side request forgery vulnerability in Accellion File Transfer Appliance in Accellion that allows an adversary to manipulate server requests via a crafted POST request.
References
|