CVE-2021-45389

EPSS 0.60% · P70 Updated Feb 25, 2026

Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2021-45389

Vulnerability Information

Have questions about the vulnerability? See if Shenlong's analysis helps!

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Description

A flaw was found with the JWT token. A self-signed JWT token could be injected into the update manager and bypass the authentication process, thus could escalate privileges. This affects StarWind SAN and NAS build 1578 and StarWind Command Center build 6864.

Source: NVD (National Vulnerability Database)

CVSS Information

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Type

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Title

多款StarWind产品授权问题漏洞

Source: CNNVD (China National Vulnerability Database)

Vulnerability Description

StarWind SAN & NAS和StarWind Command Center都是StarWind的产品。StarWind SAN & NAS是独立管理程序服务器或服务器组。StarWind Command Center是一个单一管理平台管理和监视 Ui。旨在简化和自动化对日常 Hci 例程的控制。 StarWind 多款产品存在授权问题漏洞，该漏洞源于 StarWind SAN & NAS build 1578 和 StarWind Command Center Build 6864 Update

Source: CNNVD (China National Vulnerability Database)

CVSS Information

N/A

Source: CNNVD (China National Vulnerability Database)

Vulnerability Type

N/A

Source: CNNVD (China National Vulnerability Database)

Affected Products

Vendor	Product	Affected Versions	CPE	Subscribe
-	n/a	n/a	-

II. Public POCs for CVE-2021-45389

#	POC Description	Source Link	Shenlong Link

AI-Generated POCPremium

No public POC found.

III. Intelligence Information for CVE-2021-45389

请登录查看更多情报信息。

https://www.starwindsoftware.com/security/sw-20211512-0001/x_refsource_MISC
https://www.starwindsoftware.com/security/sw-20211215-0001/x_refsource_CONFIRM
https://nvd.nist.gov/vuln/detail/CVE-2021-45389

Same Patch Batch · n/a · 2022-01-04 · 15 CVEs total

CVE-2021-43711		TotoLink Ex200命令注入漏洞
CVE-2021-45913		ControlUp Real-Time Agent 信任管理问题漏洞
CVE-2021-45978		Foxit PDF Reader 操作系统命令注入漏洞
CVE-2021-45979		Foxit PDF Reader 操作系统命令注入漏洞
CVE-2021-45980		Foxit PDF Reader 注入漏洞
CVE-2021-45912		Controlup Real-Time Agent操作系统命令注入漏洞
CVE-2021-40148		Google Android 安全漏洞
CVE-2021-41789		MediaTek 芯片输入验证错误漏洞
CVE-2021-43677		Fluxbb 跨站脚本漏洞
CVE-2021-41388		Netskope 安全漏洞
CVE-2021-22045		VMware ESXi缓冲区错误漏洞
CVE-2021-45452		Django 路径遍历漏洞
CVE-2021-45116		Django 输入验证错误漏洞
CVE-2021-45115		Django 安全漏洞

IV. Related Vulnerabilities

Same product: n/a

Same vendor: n/a

V. Comments for CVE-2021-45389

No comments yet

Goal Reached Thanks to every supporter — we hit 100%!

CVE-2021-45389

I. Basic Information for CVE-2021-45389

Vulnerability Information

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Affected Products

II. Public POCs for CVE-2021-45389

III. Intelligence Information for CVE-2021-45389

Same Patch Batch · n/a · 2022-01-04 · 15 CVEs total

IV. Related Vulnerabilities

V. Comments for CVE-2021-45389

Leave a comment