Vulnerability Details : CVE-2021-41231
OpenMage LTS is an e-commerce platform. Prior to versions 19.4.22 and 20.0.19, an administrator with the permissions to upload files via DataFlow and to create products was able to execute arbitrary code via the convert profile. Versions 19.4.22 and 20.0.19 contain a patch for this issue.
Vulnerability category: Execute code
Products affected by CVE-2021-41231
- cpe:2.3:a:openmage:magento:*:*:*:*:lts:*:*:*
- cpe:2.3:a:openmage:magento:*:*:*:*:lts:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2021-41231
0.19%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 57 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2021-41231
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
7.2
|
HIGH | CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H |
1.2
|
5.9
|
NIST | |
7.2
|
HIGH | CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H |
1.2
|
5.9
|
GitHub, Inc. |
CWE ids for CVE-2021-41231
-
The product constructs all or part of a command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended command when it is sent to a downstream component.Assigned by: security-advisories@github.com (Secondary)
-
The product allows the upload or transfer of dangerous file types that are automatically processed within its environment.Assigned by: nvd@nist.gov (Primary)
References for CVE-2021-41231
-
https://github.com/OpenMage/magento-lts/releases/tag/v19.4.22
Release v19.4.22 · OpenMage/magento-lts · GitHubRelease Notes;Third Party Advisory
-
https://github.com/OpenMage/magento-lts/security/advisories/GHSA-h632-p764-pjqm
DataFlow upload remote code execution vulnerability · Advisory · OpenMage/magento-lts · GitHubThird Party Advisory
-
https://github.com/OpenMage/magento-lts/releases/tag/v20.0.19
Release v20.0.19 · OpenMage/magento-lts · GitHubRelease Notes;Third Party Advisory
-
https://github.com/OpenMage/magento-lts/commit/d16fc6c5a1e66c6f0d9f82020f11702a7ddd78e4
Merge pull request from GHSA-h632-p764-pjqm · OpenMage/magento-lts@d16fc6c · GitHubPatch;Third Party Advisory
Jump to