CVE-2021-20802
First published: Wed Oct 13 2021(Updated: )
HTTP header injection vulnerability in Cybozu Remote Service 3.1.8 to 3.1.9 allows a remote attacker to alter the information stored in the product.
Credit: vultures@jpcert.or.jp
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Cybozu Remote Service Manager | =3.1.8 | |
| Cybozu Remote Service Manager | =3.1.9 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Frequently Asked Questions
What is the vulnerability ID for this HTTP header injection vulnerability?
The vulnerability ID for this HTTP header injection vulnerability is CVE-2021-20802.
What is the severity of CVE-2021-20802?
The severity of CVE-2021-20802 is medium (5.3).
What software versions are affected by CVE-2021-20802?
Cybozu Remote Service versions 3.1.8 and 3.1.9 are affected by CVE-2021-20802.
How does CVE-2021-20802 work?
CVE-2021-20802 allows a remote attacker to alter the information stored in Cybozu Remote Service by injecting malicious headers in HTTP requests.
How can I fix the HTTP header injection vulnerability (CVE-2021-20802)?
To fix the HTTP header injection vulnerability, it is recommended to update Cybozu Remote Service to a version that includes the security patch.
- collector/nvd-index
- agent/weakness
- agent/references
- agent/author
- agent/severity
- agent/type
- agent/tags
- agent/event
- agent/description
- agent/last-modified-date
- agent/softwarecombine
- agent/first-publish-date
- collector/mitre-cve
- source/MITRE
- vendor/cybozu
- canonical/cybozu remote service manager
- version/cybozu remote service manager/3.1.8
- version/cybozu remote service manager/3.1.9