CVE-2021-41569

19.11.2021, 18:15

SAS/Intrnet 9.4 build 1520 and earlier allows Local File Inclusion. The samples library (included by default) in the appstart.sas file, allows end-users of the application to access the sample.webcsf1.sas program, which contains user-controlled macro variables that are passed to the DS2CSF macro. Users can escape the context of the configured user-controllable variable and append additional functions native to the macro but not included as variables within the library. This includes a function that retrieves files from the host OS.

Provider	Type	Base Score	Atk. Vector	Atk. Complexity	Priv. Required	Vector
NIST	NIST	7.5 HIGH	NETWORK	LOW	NONE	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
mitre	CNA	---				---
CVE	ADP	---				---

Base Score

CVSS 3.x

EPSS Score

Percentile: 98%

Vendor	Product	Version
sas	sas\/intrnet	𝑥 < 9.4
sas	sas\/intrnet	9.4
sas	sas\/intrnet	9.4:build1520

𝑥

= Vulnerable software versions

Known Exploits!

Common Weakness Enumeration

CWE-829 - Inclusion of Functionality from Untrusted Control Sphere
The software imports, requires, or includes executable functionality (such as a library) from a source that is outside of the intended control sphere.

References

https://support.sas.com/kb/68/641.html

https://www.mindpointgroup.com/blog/high-risk-vulnerability-discovery-localfileinclusion-sas

https://support.sas.com/kb/68/641.html

https://www.mindpointgroup.com/blog/high-risk-vulnerability-discovery-localfileinclusion-sas