CVELIST:CVE-2021-21242
History: Jan 15, 2021 - 8:05 p.m.

CVE-2021-21242 Pre-Auth Unsafe Deserialization on AttachmentUploadServlet

Published: 2021-01-15 20:05:27
CWE: CWE-74
Source: GitHub_M
Reference: www.cve.org
Tags: cve-2021-21242, onedev, attachmentuploadservlet, vulnerability, pre-auth, remote code execution, deserialization

CVSS3: 10
Attack Vector: NETWORK
Attack Complexity: LOW
Privileges Required: NONE
User Interaction: NONE
Scope: CHANGED
Confidentiality Impact: HIGH
Integrity Impact: HIGH
Availability Impact: NONE
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:N

AI Score: 10
Confidence: High
EPSS: 0.664
Percentile: 98.0%

OneDev is an all-in-one devops platform. In OneDev before version 4.0.3, there is a critical vulnerability which can lead to pre-auth remote code execution. AttachmentUploadServlet deserializes untrusted data from the Attachment-Support header, and this servlet does not enforce any authentication or authorization checks, so the issue may lead to pre-auth remote code execution. This issue was fixed in 4.0.3 by removing AttachmentUploadServlet and not using deserialization.

CNA Affected

[
  {
    "product": "onedev",
    "vendor": "theonedev",
    "versions": [
      {
        "status": "affected",
        "version": "< 4.0.3"
      }
    ]
  }
]
