NVD - Results

Sort results by:

Search Results (Refine Search)

Search Parameters:

Results Type: Overview
Keyword (text search): cpe:2.3:a:accellion:fta:-:*:*:*:*:*:*:*
CPE Name Search: true

There are 6 matching records.

Displaying matches 1 through 6.

Vuln ID	Summary	CVSS Severity
CVE-2021-27730	Accellion FTA 9_12_432 and earlier is affected by argument injection via a crafted POST request to an admin endpoint. The fixed version is FTA_9_12_444 and later. Published: March 01, 2021; 9:15:13 PM -0500	V4.0:(not available) V3.1: 9.8 CRITICAL V2.0: 7.5 HIGH
CVE-2021-27731	Accellion FTA 9_12_432 and earlier is affected by stored XSS via a crafted POST request to a user endpoint. The fixed version is FTA_9_12_444 and later. Published: March 01, 2021; 8:15:12 PM -0500	V4.0:(not available) V3.1: 6.1 MEDIUM V2.0: 4.3 MEDIUM
CVE-2021-27104	Accellion FTA 9_12_370 and earlier is affected by OS command execution via a crafted POST request to various admin endpoints. The fixed version is FTA_9_12_380 and later. Published: February 16, 2021; 4:15:13 PM -0500	V4.0:(not available) V3.1: 9.8 CRITICAL V2.0: 10.0 HIGH
CVE-2021-27103	Accellion FTA 9_12_411 and earlier is affected by SSRF via a crafted POST request to wmProgressstat.html. The fixed version is FTA_9_12_416 and later. Published: February 16, 2021; 4:15:13 PM -0500	V4.0:(not available) V3.1: 9.8 CRITICAL V2.0: 7.5 HIGH
CVE-2021-27102	Accellion FTA 9_12_411 and earlier is affected by OS command execution via a local web service call. The fixed version is FTA_9_12_416 and later. Published: February 16, 2021; 4:15:13 PM -0500	V4.0:(not available) V3.1: 7.8 HIGH V2.0: 7.2 HIGH
CVE-2021-27101	Accellion FTA 9_12_370 and earlier is affected by SQL injection via a crafted Host header in a request to document_root.html. The fixed version is FTA_9_12_380 and later. Published: February 16, 2021; 4:15:13 PM -0500	V4.0:(not available) V3.1: 9.8 CRITICAL V2.0: 7.5 HIGH