What version of Imunify Products is unaffected from Remote Command Execution Vulnerability CVE-2021-21956?

Issue

What version of Imunify Products is unaffected from Remote Command Execution Vulnerability CVE-2021-21956?

Environment

• Imunify360
• ImunifyAV

Solution

ImunifyAV/Imunify360 v. 5.11.3 have an unaffected version of AI-Bolit installed.

However, If you are running an ImunifyAV/Imunify360 version prior to 5.11.3 - please, make sure to update as soon as possible.

If you have updated to 5.11.3 version or higher - no action is needed.

Useful links

• https://talosintelligence.com/vulnerability_reports/TALOS-2021-1383
• https://blog.imunify360.com/ai-bolit-security-issue
• https://docs.imunify360.com/installation/#update-instructions