Main Vulnerability Database Vulnerabilities #VU52322

#VU52322 Improper Authentication in Paragon Active Assurance Control Center - CVE-2021-0232

Published: April 19, 2021

Vulnerability identifier: #VU52322

Vulnerability risk: Medium

CVSSv4.0: CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green

CVE-ID: CVE-2021-0232

CWE-ID: CWE-287

Exploitation vector: Remote access

Exploit availability: No public exploit available

Vulnerable software:
Paragon Active Assurance Control Center

Software vendor:
Juniper Networks, Inc.

Description

The vulnerability allows a remote attacker to bypass authentication process.

The vulnerability exists due to an error in when processing authentication requests. A remote attacker with specific information about the deployment can mimic an already registered Test Agent and access its configuration including associated inventory details.

Remediation

Install updates from vendor's website.

External links

https://kb.juniper.net/InfoCenter/index?page=content&id=JSA11127&cat=SIRT_1&actp=LIST

#VU52322 Improper Authentication in Paragon Active Assurance Control Center - CVE-2021-0232

Description

Remediation

External links

Please verify you're human