Dec 02, 2021 - 3:40 p.m.

CVE-2021-23258 Spring SPEL Expression Language Injection

2021-12-02 15:40:54
CWE-913
crafter
www.cve.org
Tags: cve-2021-23258, spring, spel expression language injection, authenticated users, os commands, spring beans

CVSS3: 4.2
Attack Vector: NETWORK
Attack Complexity: HIGH
Privileges Required: HIGH
User Interaction: REQUIRED
Scope: UNCHANGED
Confidentiality Impact: NONE
Integrity Impact: NONE
Availability Impact: HIGH
Vector: CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:U/C:N/I:N/A:H
AI Score: 7.6
Confidence: High
EPSS: 0.001
Percentile: 42.0%

Authenticated users with the Administrator or Developer role may execute OS commands through SpEL expressions in Spring beans. SpEL expression evaluation is performed without security restrictions, which allows such attackers to execute arbitrary commands remotely (RCE).

CNA Affected

[
  {
    "product": "Crafter CMS",
    "vendor": "Crafter Software",
    "versions": [
      {
        "lessThan": "3.1.12",
        "status": "affected",
        "version": "3.1",
        "versionType": "custom"
      }
    ]
  }
]
