CVE-2021-37498 is an SSRF vulnerability in the Reprise License Manager (RLM) web interface that allows remote attackers to make the license server initiate outbound requests on their behalf and to conduct port scans of the network it sits on.
An SSRF issue was discovered in the Reprise License Manager (RLM) web interface through 14.2BL4 that allows remote attackers to trigger outbound requests to intranet servers and conduct port scans via the actserver parameter in the License Activation function.
Understanding CVE-2021-37498
This section provides an overview of the CVE-2021-37498 vulnerability.
What is CVE-2021-37498?
CVE-2021-37498 is an SSRF (Server-Side Request Forgery) vulnerability in the Reprise License Manager (RLM) web interface, affecting versions through 14.2BL4.
The Impact of CVE-2021-37498
This vulnerability allows remote attackers to make the RLM server issue outbound requests to intranet hosts, and to port-scan the internal network, by supplying an attacker-chosen host and port in the actserver parameter of the License Activation function.
Technical Details of CVE-2021-37498
The following covers the technical details of CVE-2021-37498.
Vulnerability Description
The License Activation function of the RLM web interface takes the activation server to contact from the actserver parameter without validating it. Because the resulting connection is made by the RLM server itself, an attacker who can reach the web interface can make it connect to hosts that are reachable from the license server but not from the attacker, such as servers in a trusted internal zone.
Affected Systems and Versions
All versions of Reprise License Manager (RLM) up to and including 14.2BL4 are impacted by CVE-2021-37498.
Exploitation Mechanism
Remote attackers exploit this vulnerability by submitting License Activation requests with the actserver parameter set to an internal host and port of their choosing. The server attempts the connection, and whether it succeeds or fails is reflected back to the attacker, which is what turns the flaw into a port scanner for the intranet.
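The following is an added example, not code from this page or from Reprise, showing the vulnerable pattern described above beside a hardened one. The activation-server value is parsed the way a permissive form would, then either used as-is (vulnerable) or checked against a host allowlist, a fixed set of ports, and the addresses the name resolves to (hardened). The hostnames, the allowlist, the port policy and the DNS table are all assumptions made so the code runs offline.

```python
import ipaddress
from urllib.parse import urlsplit

# Constructed stand-in for DNS so the example runs offline; a real handler
# would call socket.getaddrinfo(). Names and addresses are placeholders.
FAKE_DNS = {
    "activate.example.com": ["1.2.3.4"],   # the legitimate activation server
    "mirror.example.com":   ["10.0.0.5"],  # allowlisted name that points inside
}

# Hypothetical policy: the only activation servers this deployment talks to.
ALLOWED_HOSTS = {"activate.example.com", "mirror.example.com"}
ALLOWED_PORTS = {80, 443}


def parse_actserver(value):
    """Turn a client-supplied actserver value into (host, port).

    Accepts 'host', 'host:port' or a full URL. This permissive parsing is an
    assumption about how an activation form behaves, not RLM's own code.
    """
    if "://" not in value:
        value = "http://" + value
    parts = urlsplit(value)
    port = parts.port
    if port is None:
        port = 443 if parts.scheme == "https" else 80
    return parts.hostname, port


def vulnerable_target(value):
    """Vulnerable pattern: whatever the client sent becomes the outbound target.

    The server will try 10.0.0.5:3389 or 169.254.169.254:80 just as readily,
    and its success/failure response tells the attacker whether the port is open.
    """
    return parse_actserver(value)


def is_public(ip_text):
    """True only for globally routable unicast addresses."""
    addr = ipaddress.ip_address(ip_text)
    return addr.is_global and not addr.is_multicast


def hardened_target(value, resolve=lambda name: FAKE_DNS.get(name, [])):
    """Hardened version: allowlist the host, pin the port, and check what the
    name resolves to before connecting (catches allowlisted names that point
    at internal addresses). Raises ValueError on anything outside policy."""
    host, port = parse_actserver(value)
    if not host:
        raise ValueError("actserver has no host")
    if host not in ALLOWED_HOSTS:
        raise ValueError(f"actserver host not allowed: {host}")
    if port not in ALLOWED_PORTS:
        raise ValueError(f"actserver port not allowed: {port}")
    addrs = resolve(host)
    if not addrs or not all(is_public(a) for a in addrs):
        raise ValueError(f"{host} resolves to a non-public address")
    # The caller should connect to these resolved addresses rather than
    # resolving the name a second time, to avoid a resolve-then-connect race.
    return host, port, addrs


if __name__ == "__main__":
    for probe in ["activate.example.com", "10.0.0.5:3389", "169.254.169.254",
                  "activate.example.com@10.0.0.5:22", "mirror.example.com"]:
        print(f"{probe:40} vulnerable -> {vulnerable_target(probe)}")
        try:
            print(f"{'':40} hardened   -> {hardened_target(probe)}")
        except ValueError as err:
            print(f"{'':40} hardened   -> rejected: {err}")
```

The userinfo trick (`activate.example.com@10.0.0.5:22`) is included because a naive check that only looks for the allowlisted string in the value would pass it, while the URL parser correctly reports the host as 10.0.0.5. The resolved-address check matters because an allowlist alone does not help if one of the allowed names can be pointed at an internal address.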
Mitigation and Prevention
The following steps mitigate and help prevent exploitation of CVE-2021-37498.
Immediate Steps to Take
Restrict who can reach the RLM web interface (for example, to the networks of license administrators only), and restrict outbound connections from the license server host to the activation servers it legitimately needs, so that forged requests cannot reach internal hosts. Network segmentation limits what a successful SSRF can reach even before a patch is applied.
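While access is being restricted, it is worth checking existing web-interface logs for the behaviour the advisory describes: one client supplying many different actserver targets, or targets that are internal addresses. The detection logic below is an added example, not code from this page or from Reprise. The log lines are constructed in common log format, the /activate path is a placeholder (the page names only the actserver parameter), and the assumption that the parameter is visible in the request line holds only for GET submissions; for POST forms the value has to come from a proxy or WAF log instead.

```python
import ipaddress
import re
from collections import defaultdict
from urllib.parse import urlsplit, parse_qs

# Constructed access-log lines in common log format. RLM's own log layout is
# not shown on this page, and the /activate path is a placeholder; only the
# actserver parameter name comes from the advisory.
SAMPLE_LOG = """\
198.51.100.7 - - [10/Aug/2021:12:00:01 +0000] "GET /activate?actserver=activate.example.com HTTP/1.1" 200 512
192.0.2.44 - - [10/Aug/2021:12:00:05 +0000] "GET /activate?actserver=10.0.0.5:22 HTTP/1.1" 200 118
192.0.2.44 - - [10/Aug/2021:12:00:06 +0000] "GET /activate?actserver=10.0.0.5:80 HTTP/1.1" 200 118
192.0.2.44 - - [10/Aug/2021:12:00:07 +0000] "GET /activate?actserver=10.0.0.5:443 HTTP/1.1" 200 118
192.0.2.44 - - [10/Aug/2021:12:00:08 +0000] "GET /activate?actserver=10.0.0.5:3389 HTTP/1.1" 200 118
192.0.2.44 - - [10/Aug/2021:12:00:09 +0000] "GET /activate?actserver=169.254.169.254 HTTP/1.1" 200 118
192.0.2.44 - - [10/Aug/2021:12:00:10 +0000] "GET /index.html HTTP/1.1" 200 2048
"""

LOG_LINE = re.compile(r'^(\S+) \S+ \S+ \[[^\]]+\] "(\S+) (\S+) [^"]*" (\d{3}) (\d+)')


def split_target(value):
    """'host:port' -> (host, port); a bare 'host' defaults to port 80.
    (Bracketed IPv6 literals are not handled here.)"""
    host, sep, port = value.rpartition(":")
    if not sep or not port.isdigit():
        return value, 80
    return host, int(port)


def is_internal(host):
    """True for an IP literal that is not globally routable. A hostname cannot
    be judged without resolving it, so it is reported as not internal."""
    try:
        return not ipaddress.ip_address(host).is_global
    except ValueError:
        return False


def analyze(log_text, port_threshold=3):
    """Group actserver targets per client and flag SSRF port-scan behaviour.

    Returns {client: {"internal_targets": [hosts], "scanned_hosts": {host: [ports]}}}
    containing only clients with at least one finding. A host is "scanned" when
    one client tried at least port_threshold distinct ports on it.
    """
    targets = defaultdict(lambda: defaultdict(set))  # client -> host -> ports
    for line in log_text.splitlines():
        m = LOG_LINE.match(line)
        if not m:
            continue
        client, _method, path, _status, _size = m.groups()
        query = parse_qs(urlsplit(path).query)
        for value in query.get("actserver", []):
            host, port = split_target(value)
            targets[client][host].add(port)

    findings = {}
    for client, hosts in targets.items():
        internal = sorted(h for h in hosts if is_internal(h))
        scanned = {h: sorted(p) for h, p in hosts.items() if len(p) >= port_threshold}
        if internal or scanned:
            findings[client] = {"internal_targets": internal, "scanned_hosts": scanned}
    return findings


if __name__ == "__main__":
    for client, finding in analyze(SAMPLE_LOG).items():
        print(client, finding)
```

Any hit on an internal address is worth investigating on its own, since a legitimate activation request has no reason to name a loopback, RFC 1918 or link-local target; the port-count threshold is there to catch sweeps against hostnames that the log alone cannot classify.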
Long-Term Security Practices
Keep Reprise License Manager (RLM) on a supported, patched release, and treat its web interface as an administrative surface that is not exposed to untrusted networks.
Patching and Updates
Apply the patches and security updates provided by Reprise that address the SSRF issue in the RLM web interface. Versions through 14.2BL4 are affected, so upgrade to a later release that Reprise identifies as containing the fix.