CISA Known Exploited Vulnerability

This vulnerability is actively exploited in the wild and listed in the CISA Known Exploited Vulnerabilities catalog.

Remediation Deadline: Apr 15, 2022

CVE-2021-22941

High

EPSS 87.8%CISA KEVRansomware

Citrix/ShareFile

Description

Improper Access Control in Citrix ShareFile storage zones controller may allow an unauthenticated attacker to remotely compromise the storage zones controller.

EPSS — Exploit Probability

87.8%

Higher than 99.5% of all CVEs

Required Action

https://nvd.nist.gov/vuln/detail/CVE-2021-22941

Risk Assessment

CRITICAL

In CISA KEV

High EPSS

Ransomware

Details

Severity: High
EPSS: 87.8%
CISA KEV: Yes
Ransomware: Known
Articles: 0

Timeline

Published

Mar 25, 2022

Added to KEV

Mar 25, 2022

Remediation Due

Apr 15, 2022

Affected Product

Citrix

ShareFile

View all Citrix CVEs

External Links

NVD (NIST)CVE Details MITRE CVE