Lucene search
China National Vulnerability DatabaseCNVD-2021-100287HistoryDec 14, 2021 - 12:00 a.m.
OpenOlat has unspecified vulnerabilities
2021-12-1400:00:00
China National Vulnerability Database
www.cnvd.org.cn
6
0.002 Low
EPSS
Percentile
57.1%
OpenOLAT is a web-based e-learning platform for teaching, learning, assessing and communicating with an LMS, a learning management system. a security vulnerability exists in versions of OpenOlat prior to 15.5.12 and 16.0.5, which stems from the fact that by providing a file name containing a relative path as a parameter in certain REST methods, it is possible to create a directory structure and write to a file anywhere on the target system. directory structure and write files to any location on the target system. No details of the vulnerability are currently available.
| CPE | Name | Operator | Version |
|---|---|---|---|
| OpenOlat OpenOLAT | lt | 15.5.12 | |
| OpenOlat OpenOLAT >=16.0.0, | lt | 16.0.5 |
Related
cve
cve
CVE-2021-41242
2021-12-10 23:15:09
osv
osv
CVE-2021-41242
2021-12-10 23:15:09
prion
prion
Path traversal
2021-12-10 23:15:00
cvelist
cvelist
nvd
nvd
CVE-2021-41242
2021-12-10 23:15:09