
Skyhigh Security

CSR Update fixes CVE-2021-23884

Found Version

CVE-2021-23884 affects Content Security Reporter versions prior to 2.8.0.

Description

This vulnerability occurs only through on-premises ePO™ servers. To exploit it, the attacker would need to be on the same network as the ePO™ server and know an ePO™ administrator's credentials. The credentials for obtaining logs from Web Gateway and Web Gateway Cloud Server are configured in different parts of the ePO™ extension. The best practice is to use a different password for each service. The passwords exposed through this vulnerability are stored encrypted in the CSR database, both before and after this fix.

CVE-2021-23884

Cleartext Transmission of Sensitive Information vulnerability in the ePO™ Extension of Content Security Reporter prior to 2.8.0 allows an ePO™ administrator to view the unencrypted password of the Web Gateway or the password of the Web Gateway Cloud Server read only user used to retrieve log files for analysis in Content Security Reporter.

https://nvd.nist.gov/vuln/detail/CVE-2021-23884

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23884

Remediation

To remediate this issue, upgrade to at least Content Security Reporter 2.8.0, or use the latest version, Content Security Reporter 2.9.1.

The installation files are available here:

https://www.trellix.com/en-us/downloads/my-products.html

Installation or Upgrade

For installation, use the link below:

Content Security Reporter Installation

To upgrade Content Security Reporter, use the link below:

Upgrade Content Security Reporter

 
