Security Advisory

CVE-2021-4016

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2022-01-21 18:00:11

Last updated 2024-09-16 22:30:10

Assigner rapid7

State PUBLISHED

Description

Rapid7 Insight Agent, versions prior to 3.1.3, suffer from an improper access control vulnerability whereby, the user has access to the snapshot directory. An attacker can access, read and copy any of the files in this directory e.g. asset_info.json or file_info.json, leading to a loss of confidentiality. This issue was fixed in Rapid7 Insight Agent 3.1.3.

← Browse all CVEs View on cve.org ↗