CVE-2021-23258

EUVD-2021-10357
Authenticated users with Administrator or Developer roles may execute OS commands by SPEL Expression in Spring beans. SPEL Expression does not have security restrictions, which will cause attackers to execute arbitrary commands remotely (RCE).
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
4.2 MEDIUM
NETWORK
HIGH
HIGH
CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:U/C:N/I:N/A:H
crafterCNA
4.2 MEDIUM
NETWORK
HIGH
HIGH
CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:U/C:N/I:N/A:H
Base Score
CVSS 3.x
EPSS Score
Percentile: 52%
Affected Products (NVD)
VendorProductVersion
craftercmscrafter_cms
3.1.0 ≤
𝑥
< 3.1.12
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
https://docs.craftercms.org/en/3.1/security/advisory.html#cv-2021120101
https://docs.craftercms.org/en/3.1/security/advisory.html#cv-2021120101