Riverbed AppResponse 11.8.0, 11.8.5, 11.8.5a, 11.9.0, 11.9.0a, 11.10.0, 11.11.0, 11.11.0a, 11.11.1, 11.11.1a, 11.11.5, and 11.11.5a (when configured to use local, RADIUS, or TACACS authentication) logs usernames and passwords if either is entered incorrectly. If a user enters an incorrect username and/or password when logging into the WebUI, these attempted credentials are included in an error message that is logged in the WebUI log file. A log entry does not appear if the username and password provided correctly match a valid set of credentials. This also does not happen if AppResponse is configured to use SAML authentication. The WebUI log file is included in subsequent diagnostic system dumps that are generated. (Only users with Full Control access to the System Configuration permission can generate system dumps. By default, only System Administrators have Full Control access to the System Configuration permission.)
総合評価: CVE-2021-43271 は中リスク(44.9/100)。CVSS 深刻度は中。悪用される可能性が高い(EPSS 0.76%、51 パーセンタイル) 推奨対応: 影響資産を整理し、修補計画に組み込んでください。
リスクは変動します。再評価に基づき、本ページの表示内容を更新しています。
EPSS は日次で悪用されやすさの相対度合いを推定します。パーセンタイルは採点済み CVE の中での相対位置(高いほど相対的に深刻)を示します。
| # | 日付 | 旧 EPSS スコア | 新 EPSS スコア | Δ(新 − 旧) |
|---|---|---|---|---|
| 1 | 2026-06-20 | 0.74% | 0.76% | +0.02% |
| 2 | 2026-06-15 | 0.26% | 0.74% | +0.49% |
| 3 | 2025-06-16 | — | 0.26% | — |
EPSS の全履歴 (全 9 件)
この CVE の CVSS 指標。
| ベーススコア | バージョン | 深刻度 | ベクトル | 悪用しやすさ | 影響 | スコアの出典 |
|---|---|---|---|---|---|---|
| 6.8 | 3.1 | MEDIUM |
|
0.9 | 5.9 | [email protected] |
| 7.1 | 2.0 | HIGH |
|
3.9 | 10.0 | [email protected] |
| ベンダー | 製品 | バージョン | 生の CPE |
|---|---|---|---|
| riverbed | appresponse | 11.8.0 | cpe:2.3:a:riverbed:appresponse:11.8.0:*:*:*:*:*:*:* |
| riverbed | appresponse | 11.8.5 | cpe:2.3:a:riverbed:appresponse:11.8.5:*:*:*:*:*:*:* |
| riverbed | appresponse | 11.8.5a | cpe:2.3:a:riverbed:appresponse:11.8.5a:*:*:*:*:*:*:* |
| riverbed | appresponse | 11.9.0 | cpe:2.3:a:riverbed:appresponse:11.9.0:*:*:*:*:*:*:* |
| riverbed | appresponse | 11.9.0a | cpe:2.3:a:riverbed:appresponse:11.9.0a:*:*:*:*:*:*:* |
| riverbed | appresponse | 11.10.0 | cpe:2.3:a:riverbed:appresponse:11.10.0:*:*:*:*:*:*:* |
| riverbed | appresponse | 11.11.0 | cpe:2.3:a:riverbed:appresponse:11.11.0:*:*:*:*:*:*:* |
| riverbed | appresponse | 11.11.0a | cpe:2.3:a:riverbed:appresponse:11.11.0a:*:*:*:*:*:*:* |
| riverbed | appresponse | 11.11.1 | cpe:2.3:a:riverbed:appresponse:11.11.1:*:*:*:*:*:*:* |
| riverbed | appresponse | 11.11.1a | cpe:2.3:a:riverbed:appresponse:11.11.1a:*:*:*:*:*:*:* |
| riverbed | appresponse | 11.11.5 | cpe:2.3:a:riverbed:appresponse:11.11.5:*:*:*:*:*:*:* |
| riverbed | appresponse | 11.11.5a | cpe:2.3:a:riverbed:appresponse:11.11.5a:*:*:*:*:*:*:* |
| URL | タグ |
|---|---|
| https://supportkb.riverbed.com/support/index?page=content&id=S35806 | Vendor Advisory |