Authentication bypass using an alternate path or channel in Claroty Secure Remote Access Site
| Risk | Low |
| Patch available | YES |
| Number of vulnerabilities | 1 |
| CVE-ID | CVE-2021-32958 |
| CWE-ID | CWE-288 |
| Exploitation vector | Local |
| Public exploit | N/A |
| Vulnerable software |
Secure Remote Access (SRA) Site Other software / Other software solutions |
| Vendor | Claroty |
Security Bulletin
This security bulletin contains one low risk vulnerability.
1) Authentication bypass using an alternate path or channel
EUVDB-ID: #VU54469
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2021-32958
CWE-ID:
CWE-288 - Authentication Bypass Using an Alternate Path or Channel
Exploit availability: No
DescriptionThe vulnerability allows a local user to bypass authentication process.
The vulnerability exist due to improper implementation of the authentication process. A local user can gain the secret key, allowing them to generate valid session tokens for the web user interface (UI).
MitigationInstall updates from vendor's website.
Vulnerable software versionsSecure Remote Access (SRA) Site: 3.0 - 3.2
CPE2.3- cpe:2.3:a:claroty:secure_remote_access_sra_site:*:*:*:*:*:*:*:*
- cpe:2.3:a:claroty:secure_remote_access_sra_site:3.0:*:*:*:*:*:*:*
- cpe:2.3:a:claroty:secure_remote_access_sra_site:3.2:*:*:*:*:*:*:*
https://ics-cert.us-cert.gov/advisories/icsa-21-180-06
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
