Vuln ID: CVE-2021-3554
Published: 2021-11-24 16:15:13Z
Description: Improper Access Control vulnerability in the patchesUpdate API as implemented in Bitdefender Endpoint Security Tools for Linux as a relay role allows an attacker to manipulate the remote address used for pulling patches. This issue affects: Bitdefender Endpoint Security Tools for Linux versions prior to 126.96.36.1990; versions prior to 188.8.131.52. Bitdefender Unified Endpoint versions prior to 184.108.40.206. Bitdefender GravityZone versions prior to 6.24.1-1.