CVE-2021-31987
First published: Tue Oct 05 2021(Updated: )
A user controlled parameter related to SMTP test functionality is not correctly validated making it possible to bypass blocked network recipients.
Credit: product-security@axis.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Axis Axis Os | <10.8 | |
| Axis Axis Os 2016 | <6.50.5.5 | |
| Axis Axis Os 2018 | <8.40.4.3 | |
| Axis Axis Os 2020 | <9.80.3.5 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is CVE-2021-31987?
CVE-2021-31987 is a vulnerability related to SMTP test functionality on Axis Axis OS, allowing bypass of blocked network recipients.
How severe is CVE-2021-31987?
CVE-2021-31987 has a severity rating of 7.5 (high).
Which software versions are affected by CVE-2021-31987?
CVE-2021-31987 affects Axis Axis OS versions up to and excluding 10.8, Axis Axis OS 2016 versions up to and excluding 6.50.5.5, Axis Axis OS 2018 versions up to and excluding 8.40.4.3, and Axis Axis OS 2020 versions up to and excluding 9.80.3.5.
How can the bypass of blocked network recipients be prevented?
To prevent the bypass of blocked network recipients, it is recommended to apply the necessary security patches provided by Axis.
Where can I find more information about CVE-2021-31987?
You can find more information about CVE-2021-31987 at the following link: [CVE-2021-31987](https://www.axis.com/files/tech_notes/CVE-2021-31987.pdf).
- collector/nvd-index
- agent/severity
- agent/references
- agent/author
- agent/description
- agent/tags
- agent/type
- agent/event
- agent/softwarecombine
- agent/last-modified-date
- agent/first-publish-date
- vendor/axis
- canonical/axis axis os
- canonical/axis axis os 2016
- canonical/axis axis os 2018
- canonical/axis axis os 2020