CVE-2021-23258

Authenticated users with Administrator or Developer roles may execute OS commands by SPEL Expression in Spring beans. SPEL Expression does not have security restrictions, which will cause attackers to execute arbitrary commands remotely (RCE).
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
4.2 MEDIUM
NETWORK
HIGH
HIGH
CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:U/C:N/I:N/A:H
crafterCNA
4.2 MEDIUM
NETWORK
HIGH
HIGH
CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:U/C:N/I:N/A:H
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 52%
VendorProductVersion
craftercmscrafter_cms
3.1.0 ≤
𝑥
< 3.1.12
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
https://docs.craftercms.org/en/3.1/security/advisory.html#cv-2021120101
https://docs.craftercms.org/en/3.1/security/advisory.html#cv-2021120101