CISA Known Exploited Vulnerability

CVE-2021-35464 Ransomware

ForgeRock · Access Management (AM)

ForgeRock Access Management (AM) Core Server Remote Code Execution Vulnerability

Date added 2021-11-03

BOD 22-01 due date 2021-11-17

CWE CWE-502

Ransomware Known

CISA description

ForgeRock Access Management (AM) Core Server allows an attacker who sends a specially crafted HTTP request to one of three endpoints (/ccversion/Version, /ccversion/Masthead, or /ccversion/ButtonFrame) to execute code in the context of the current user (unless ForgeRock AM is running as root user, which the vendor does not recommend).

Required action

Apply updates per vendor instructions.

Notes & references

https://nvd.nist.gov/vuln/detail/CVE-2021-35464

Where this lands in 800-53

Vulnerability data triggers these controls during assessment and continuous monitoring.

RA-5 · Vulnerability Monitoring and Scanning
SI-2 · Flaw Remediation
CM-6 · Configuration Settings
SI-7 · Software, Firmware, and Information Integrity
CM-8 · System Component Inventory

External lookups

NVD · CVE-2021-35464
CVE.org · CVE-2021-35464
CISA KEV catalog (canonical)