CVE-2021-3619
Description
Rapid7 Velociraptor 0.5.9 and prior is vulnerable to a post-authentication persistent cross-site scripting (XSS) issue, where an authenticated user could abuse MIME filetype sniffing to embed executable code on a malicious upload. This issue was fixed in version 0.6.0. Note that login rights to Velociraptor is nearly always reserved for trusted and verified users with IT security backgrounds.
Risk Information
Base Score
4.8
MODERATE
Vector
CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N
EPSS Score
Exploitation Probability
0.456
Associated Vulnerability
| Vulnerability | OS Platform |
|---|---|
| Vulnerabilities CVE-2021-3619 are affected in Velociraptor (MSI) (x64) 0.5.9-- | Windows |
| Vulnerabilities CVE-2021-3619 are affected in Velociraptor (MSI) 0.5.9-- | Windows |
Patch Details
Click to see the patches provided by ManageEngine for this CVE
| Patch ID | Patch Description |
|---|---|
| PATCH-355694 | Velociraptor (MSI) (x64) (0.75.6) |
| PATCH-355693 | Velociraptor (MSI) (0.75.5) |
References
https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234