Vulnerabilites related to Crafter Software - Crafter CMS
CVE-2021-23263 (GCVE-0-2021-23263)
Vulnerability from cvelistv5
Published
2021-12-02 15:40
Modified
2024-09-16 23:36
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-402 - Transmission of Private Resources into a New Sphere ('Resource Leak')
Summary
Unauthenticated remote attackers can read textual content via FreeMarker including files /scripts/*, /templates/* and some of the files in /.git/* (non-binary).
References
| ► | URL | Tags |
|---|---|---|
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Crafter Software | Crafter CMS |
Version: 3.1 < 3.1.15 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T19:05:54.887Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://docs.craftercms.org/en/3.1/security/advisory.html#cv-2021120106"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Crafter CMS",
"vendor": "Crafter Software",
"versions": [
{
"lessThan": "3.1.15",
"status": "affected",
"version": "3.1",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Carlos Ortiz"
}
],
"datePublic": "2021-12-01T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Unauthenticated remote attackers can read textual content via FreeMarker including files /scripts/*, /templates/* and some of the files in /.git/* (non-binary)."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-402",
"description": "CWE-402: Transmission of Private Resources into a New Sphere (\u0027Resource Leak\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-12-02T15:40:58",
"orgId": "4ff2b028-869f-4b00-a7b2-05997f6f14fd",
"shortName": "crafter"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://docs.craftercms.org/en/3.1/security/advisory.html#cv-2021120106"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Transmission of Private Resources into a New Sphere (\u0027Resource Leak\u0027) in Crafter Engine",
"x_generator": {
"engine": "Vulnogram 0.0.9"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@craftersoftware.com",
"DATE_PUBLIC": "2021-12-01T15:40:00.000Z",
"ID": "CVE-2021-23263",
"STATE": "PUBLIC",
"TITLE": "Transmission of Private Resources into a New Sphere (\u0027Resource Leak\u0027) in Crafter Engine"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Crafter CMS",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_name": "3.1",
"version_value": "3.1.15"
}
]
}
}
]
},
"vendor_name": "Crafter Software"
}
]
}
},
"credit": [
{
"lang": "eng",
"value": "Carlos Ortiz"
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unauthenticated remote attackers can read textual content via FreeMarker including files /scripts/*, /templates/* and some of the files in /.git/* (non-binary)."
}
]
},
"generator": {
"engine": "Vulnogram 0.0.9"
},
"impact": {
"cvss": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-402: Transmission of Private Resources into a New Sphere (\u0027Resource Leak\u0027)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://docs.craftercms.org/en/3.1/security/advisory.html#cv-2021120106",
"refsource": "MISC",
"url": "https://docs.craftercms.org/en/3.1/security/advisory.html#cv-2021120106"
}
]
},
"source": {
"discovery": "EXTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "4ff2b028-869f-4b00-a7b2-05997f6f14fd",
"assignerShortName": "crafter",
"cveId": "CVE-2021-23263",
"datePublished": "2021-12-02T15:40:58.466621Z",
"dateReserved": "2021-01-08T00:00:00",
"dateUpdated": "2024-09-16T23:36:18.930Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-25802 (GCVE-0-2020-25802)
Vulnerability from cvelistv5
Published
2020-10-06 14:09
Modified
2024-09-17 03:07
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-913 - Improper Control of Dynamically-Managed Code Resources
Summary
Improper Control of Dynamically-Managed Code Resources vulnerability in Crafter Studio of Crafter CMS allows authenticated developers to execute OS commands via Groovy scripting. This issue affects: Crafter Software Crafter CMS 3.0 versions prior to 3.0.27; 3.1 versions prior to 3.1.7.
References
| ► | URL | Tags |
|---|---|---|
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Crafter Software | Crafter CMS |
Version: 3.0 < 3.0.27 Version: 3.1 < 3.1.7 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T15:40:36.994Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://docs.craftercms.org/en/3.1/security/advisory.html#cv-2020080101"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Crafter CMS",
"vendor": "Crafter Software",
"versions": [
{
"lessThan": "3.0.27",
"status": "affected",
"version": "3.0",
"versionType": "custom"
},
{
"lessThan": "3.1.7",
"status": "affected",
"version": "3.1",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Kai Zhao (ToTU Security Team)"
}
],
"datePublic": "2020-08-01T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Improper Control of Dynamically-Managed Code Resources vulnerability in Crafter Studio of Crafter CMS allows authenticated developers to execute OS commands via Groovy scripting. This issue affects: Crafter Software Crafter CMS 3.0 versions prior to 3.0.27; 3.1 versions prior to 3.1.7."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 4.2,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:U/C:N/I:N/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-913",
"description": "CWE-913 Improper Control of Dynamically-Managed Code Resources",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-10-06T14:09:25",
"orgId": "4ff2b028-869f-4b00-a7b2-05997f6f14fd",
"shortName": "crafter"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://docs.craftercms.org/en/3.1/security/advisory.html#cv-2020080101"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Authenticated attackers with developer privileges in Crafter Studio may execute OS commands via Groovy scripting.",
"x_generator": {
"engine": "Vulnogram 0.0.9"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@craftersoftware.com",
"DATE_PUBLIC": "2020-08-01T15:47:00.000Z",
"ID": "CVE-2020-25802",
"STATE": "PUBLIC",
"TITLE": "Authenticated attackers with developer privileges in Crafter Studio may execute OS commands via Groovy scripting."
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Crafter CMS",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_name": "3.0",
"version_value": "3.0.27"
},
{
"version_affected": "\u003c",
"version_name": "3.1",
"version_value": "3.1.7"
}
]
}
}
]
},
"vendor_name": "Crafter Software"
}
]
}
},
"credit": [
{
"lang": "eng",
"value": "Kai Zhao (ToTU Security Team)"
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Improper Control of Dynamically-Managed Code Resources vulnerability in Crafter Studio of Crafter CMS allows authenticated developers to execute OS commands via Groovy scripting. This issue affects: Crafter Software Crafter CMS 3.0 versions prior to 3.0.27; 3.1 versions prior to 3.1.7."
}
]
},
"generator": {
"engine": "Vulnogram 0.0.9"
},
"impact": {
"cvss": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 4.2,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:U/C:N/I:N/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-913 Improper Control of Dynamically-Managed Code Resources"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://docs.craftercms.org/en/3.1/security/advisory.html#cv-2020080101",
"refsource": "MISC",
"url": "https://docs.craftercms.org/en/3.1/security/advisory.html#cv-2020080101"
}
]
},
"source": {
"discovery": "EXTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "4ff2b028-869f-4b00-a7b2-05997f6f14fd",
"assignerShortName": "crafter",
"cveId": "CVE-2020-25802",
"datePublished": "2020-10-06T14:09:25.176725Z",
"dateReserved": "2020-09-22T00:00:00",
"dateUpdated": "2024-09-17T03:07:43.126Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-23264 (GCVE-0-2021-23264)
Vulnerability from cvelistv5
Published
2021-12-02 15:40
Modified
2024-09-16 19:15
Severity ?
VLAI Severity ?
EPSS score ?
CWE
Summary
Installations, where crafter-search is not protected, allow unauthenticated remote attackers to create, view, and delete search indexes.
References
| ► | URL | Tags |
|---|---|---|
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Crafter Software | Crafter CMS |
Version: 3.1 < 3.1.15 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T19:05:55.692Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://docs.craftercms.org/en/3.1/security/advisory.html#cv-2021120107"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Crafter CMS",
"vendor": "Crafter Software",
"versions": [
{
"lessThan": "3.1.15",
"status": "affected",
"version": "3.1",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Sparsh Kulshrestha"
}
],
"datePublic": "2021-12-01T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Installations, where crafter-search is not protected, allow unauthenticated remote attackers to create, view, and delete search indexes."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-402",
"description": "CWE-402: Transmission of Private Resources into a New Sphere (\u0027Resource Leak\u0027)",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-668",
"description": "CWE-668 Exposure of Resource to Wrong Sphere",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-12-02T15:40:59",
"orgId": "4ff2b028-869f-4b00-a7b2-05997f6f14fd",
"shortName": "crafter"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://docs.craftercms.org/en/3.1/security/advisory.html#cv-2021120107"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Transmission of Private Resources into a New Sphere (\u0027Resource Leak\u0027) and Exposure of Resource to Wrong Sphere in Crafter Search",
"workarounds": [
{
"lang": "en",
"value": "Disable remote access to crafter-search."
}
],
"x_generator": {
"engine": "Vulnogram 0.0.9"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@craftersoftware.com",
"DATE_PUBLIC": "2021-12-01T15:40:00.000Z",
"ID": "CVE-2021-23264",
"STATE": "PUBLIC",
"TITLE": "Transmission of Private Resources into a New Sphere (\u0027Resource Leak\u0027) and Exposure of Resource to Wrong Sphere in Crafter Search"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Crafter CMS",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_name": "3.1",
"version_value": "3.1.15"
}
]
}
}
]
},
"vendor_name": "Crafter Software"
}
]
}
},
"credit": [
{
"lang": "eng",
"value": "Sparsh Kulshrestha"
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Installations, where crafter-search is not protected, allow unauthenticated remote attackers to create, view, and delete search indexes."
}
]
},
"generator": {
"engine": "Vulnogram 0.0.9"
},
"impact": {
"cvss": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-402: Transmission of Private Resources into a New Sphere (\u0027Resource Leak\u0027)"
}
]
},
{
"description": [
{
"lang": "eng",
"value": "CWE-668 Exposure of Resource to Wrong Sphere"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://docs.craftercms.org/en/3.1/security/advisory.html#cv-2021120107",
"refsource": "MISC",
"url": "https://docs.craftercms.org/en/3.1/security/advisory.html#cv-2021120107"
}
]
},
"source": {
"discovery": "EXTERNAL"
},
"work_around": [
{
"lang": "en",
"value": "Disable remote access to crafter-search."
}
]
}
}
},
"cveMetadata": {
"assignerOrgId": "4ff2b028-869f-4b00-a7b2-05997f6f14fd",
"assignerShortName": "crafter",
"cveId": "CVE-2021-23264",
"datePublished": "2021-12-02T15:40:59.160175Z",
"dateReserved": "2021-01-08T00:00:00",
"dateUpdated": "2024-09-16T19:15:49.969Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-40634 (GCVE-0-2022-40634)
Vulnerability from cvelistv5
Published
2022-09-13 18:25
Modified
2024-09-16 23:36
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-913 - Improper Control of Dynamically-Managed Code Resources
Summary
Improper Control of Dynamically-Managed Code Resources vulnerability in Crafter Studio of Crafter CMS allows authenticated developers to execute OS commands via FreeMarker SSTI.
References
| ► | URL | Tags |
|---|---|---|
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Crafter Software | Crafter CMS |
Version: 3.1 < |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T12:21:46.586Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://docs.craftercms.org/en/3.1/security/advisory.html#cv-2022051601"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Crafter CMS",
"vendor": "Crafter Software",
"versions": [
{
"lessThanOrEqual": "3.1.22",
"status": "affected",
"version": "3.1",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Matei \"Mal\" Badanoiu"
}
],
"datePublic": "2022-09-13T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Improper Control of Dynamically-Managed Code Resources vulnerability in Crafter Studio of Crafter CMS allows authenticated developers to execute OS commands via FreeMarker SSTI."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-913",
"description": "CWE-913 Improper Control of Dynamically-Managed Code Resources",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-09-13T18:25:09",
"orgId": "4ff2b028-869f-4b00-a7b2-05997f6f14fd",
"shortName": "crafter"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://docs.craftercms.org/en/3.1/security/advisory.html#cv-2022051601"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Improper Control of Dynamically-Managed Code Resources in Crafter Studio",
"x_generator": {
"engine": "Vulnogram 0.0.9"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@craftersoftware.com",
"DATE_PUBLIC": "2022-09-13T15:42:00.000Z",
"ID": "CVE-2022-40634",
"STATE": "PUBLIC",
"TITLE": "Improper Control of Dynamically-Managed Code Resources in Crafter Studio"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Crafter CMS",
"version": {
"version_data": [
{
"version_affected": "\u003c=",
"version_name": "3.1",
"version_value": "3.1.22"
}
]
}
}
]
},
"vendor_name": "Crafter Software"
}
]
}
},
"credit": [
{
"lang": "eng",
"value": "Matei \"Mal\" Badanoiu"
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Improper Control of Dynamically-Managed Code Resources vulnerability in Crafter Studio of Crafter CMS allows authenticated developers to execute OS commands via FreeMarker SSTI."
}
]
},
"generator": {
"engine": "Vulnogram 0.0.9"
},
"impact": {
"cvss": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-913 Improper Control of Dynamically-Managed Code Resources"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://docs.craftercms.org/en/3.1/security/advisory.html#cv-2022051601",
"refsource": "MISC",
"url": "https://docs.craftercms.org/en/3.1/security/advisory.html#cv-2022051601"
}
]
},
"source": {
"discovery": "EXTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "4ff2b028-869f-4b00-a7b2-05997f6f14fd",
"assignerShortName": "crafter",
"cveId": "CVE-2022-40634",
"datePublished": "2022-09-13T18:25:09.814692Z",
"dateReserved": "2022-09-13T00:00:00",
"dateUpdated": "2024-09-16T23:36:30.569Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-23258 (GCVE-0-2021-23258)
Vulnerability from cvelistv5
Published
2021-12-02 15:40
Modified
2024-09-16 22:02
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-913 - Improper Control of Dynamically-Managed Code Resources
Summary
Authenticated users with Administrator or Developer roles may execute OS commands by SPEL Expression in Spring beans. SPEL Expression does not have security restrictions, which will cause attackers to execute arbitrary commands remotely (RCE).
References
| ► | URL | Tags |
|---|---|---|
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Crafter Software | Crafter CMS |
Version: 3.1 < 3.1.12 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T19:05:54.504Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://docs.craftercms.org/en/3.1/security/advisory.html#cv-2021120101"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Crafter CMS",
"vendor": "Crafter Software",
"versions": [
{
"lessThan": "3.1.12",
"status": "affected",
"version": "3.1",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Kai Zhao (ToTU Security Team)"
}
],
"datePublic": "2021-12-01T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Authenticated users with Administrator or Developer roles may execute OS commands by SPEL Expression in Spring beans. SPEL Expression does not have security restrictions, which will cause attackers to execute arbitrary commands remotely (RCE)."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 4.2,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:U/C:N/I:N/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-913",
"description": "CWE-913 Improper Control of Dynamically-Managed Code Resources",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-12-02T15:40:54",
"orgId": "4ff2b028-869f-4b00-a7b2-05997f6f14fd",
"shortName": "crafter"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://docs.craftercms.org/en/3.1/security/advisory.html#cv-2021120101"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Spring SPEL Expression Language Injection",
"x_generator": {
"engine": "Vulnogram 0.0.9"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@craftersoftware.com",
"DATE_PUBLIC": "2021-12-01T15:40:00.000Z",
"ID": "CVE-2021-23258",
"STATE": "PUBLIC",
"TITLE": "Spring SPEL Expression Language Injection"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Crafter CMS",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_name": "3.1",
"version_value": "3.1.12"
}
]
}
}
]
},
"vendor_name": "Crafter Software"
}
]
}
},
"credit": [
{
"lang": "eng",
"value": "Kai Zhao (ToTU Security Team)"
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Authenticated users with Administrator or Developer roles may execute OS commands by SPEL Expression in Spring beans. SPEL Expression does not have security restrictions, which will cause attackers to execute arbitrary commands remotely (RCE)."
}
]
},
"generator": {
"engine": "Vulnogram 0.0.9"
},
"impact": {
"cvss": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 4.2,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:U/C:N/I:N/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-913 Improper Control of Dynamically-Managed Code Resources"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://docs.craftercms.org/en/3.1/security/advisory.html#cv-2021120101",
"refsource": "MISC",
"url": "https://docs.craftercms.org/en/3.1/security/advisory.html#cv-2021120101"
}
]
},
"source": {
"discovery": "EXTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "4ff2b028-869f-4b00-a7b2-05997f6f14fd",
"assignerShortName": "crafter",
"cveId": "CVE-2021-23258",
"datePublished": "2021-12-02T15:40:54.175089Z",
"dateReserved": "2021-01-08T00:00:00",
"dateUpdated": "2024-09-16T22:02:38.381Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-25803 (GCVE-0-2020-25803)
Vulnerability from cvelistv5
Published
2020-10-06 14:21
Modified
2024-09-16 22:36
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-913 - Improper Control of Dynamically-Managed Code Resources
Summary
Improper Control of Dynamically-Managed Code Resources vulnerability in Crafter Studio of Crafter CMS allows authenticated developers to execute OS commands via FreeMarker template exposed objects. This issue affects: Crafter Software Crafter CMS 3.0 versions prior to 3.0.27; 3.1 versions prior to 3.1.7.
References
| ► | URL | Tags |
|---|---|---|
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Crafter Software | Crafter CMS |
Version: 3.0 < 3.0.27 Version: 3.1 < 3.1.7 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T15:40:36.984Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://docs.craftercms.org/en/3.1/security/advisory.html#cv-2020080102"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Crafter CMS",
"vendor": "Crafter Software",
"versions": [
{
"lessThan": "3.0.27",
"status": "affected",
"version": "3.0",
"versionType": "custom"
},
{
"lessThan": "3.1.7",
"status": "affected",
"version": "3.1",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Alvaro Mu\u00f1oz (GitHub)"
}
],
"datePublic": "2020-08-01T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Improper Control of Dynamically-Managed Code Resources vulnerability in Crafter Studio of Crafter CMS allows authenticated developers to execute OS commands via FreeMarker template exposed objects. This issue affects: Crafter Software Crafter CMS 3.0 versions prior to 3.0.27; 3.1 versions prior to 3.1.7."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 4.2,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:U/C:N/I:N/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-913",
"description": "CWE-913 Improper Control of Dynamically-Managed Code Resources",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-10-06T14:21:40",
"orgId": "4ff2b028-869f-4b00-a7b2-05997f6f14fd",
"shortName": "crafter"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://docs.craftercms.org/en/3.1/security/advisory.html#cv-2020080102"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Authenticated attackers with developer privileges in Crafter Studio may execute OS commands via deep inspection of FreeMarker template exposed objects.",
"x_generator": {
"engine": "Vulnogram 0.0.9"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@craftersoftware.com",
"DATE_PUBLIC": "2020-08-01T19:45:00.000Z",
"ID": "CVE-2020-25803",
"STATE": "PUBLIC",
"TITLE": "Authenticated attackers with developer privileges in Crafter Studio may execute OS commands via deep inspection of FreeMarker template exposed objects."
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Crafter CMS",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_name": "3.0",
"version_value": "3.0.27"
},
{
"version_affected": "\u003c",
"version_name": "3.1",
"version_value": "3.1.7"
}
]
}
}
]
},
"vendor_name": "Crafter Software"
}
]
}
},
"credit": [
{
"lang": "eng",
"value": "Alvaro Mu\u00f1oz (GitHub)"
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Improper Control of Dynamically-Managed Code Resources vulnerability in Crafter Studio of Crafter CMS allows authenticated developers to execute OS commands via FreeMarker template exposed objects. This issue affects: Crafter Software Crafter CMS 3.0 versions prior to 3.0.27; 3.1 versions prior to 3.1.7."
}
]
},
"generator": {
"engine": "Vulnogram 0.0.9"
},
"impact": {
"cvss": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 4.2,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:U/C:N/I:N/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-913 Improper Control of Dynamically-Managed Code Resources"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://docs.craftercms.org/en/3.1/security/advisory.html#cv-2020080102",
"refsource": "MISC",
"url": "https://docs.craftercms.org/en/3.1/security/advisory.html#cv-2020080102"
}
]
},
"source": {
"discovery": "EXTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "4ff2b028-869f-4b00-a7b2-05997f6f14fd",
"assignerShortName": "crafter",
"cveId": "CVE-2020-25803",
"datePublished": "2020-10-06T14:21:40.707865Z",
"dateReserved": "2020-09-22T00:00:00",
"dateUpdated": "2024-09-16T22:36:11.291Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-23265 (GCVE-0-2021-23265)
Vulnerability from cvelistv5
Published
2022-05-16 17:05
Modified
2024-09-16 20:36
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-269 - Improper Privilege Management
Summary
A logged-in and authenticated user with a Reviewer Role may lock a content item.
References
| ► | URL | Tags |
|---|---|---|
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Crafter Software | Crafter CMS |
Version: 3.1 < |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T19:05:55.468Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://docs.craftercms.org/en/3.1/security/advisory.html#cv-2022051601"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Crafter CMS",
"vendor": "Crafter Software",
"versions": [
{
"lessThanOrEqual": "3.1.17",
"status": "affected",
"version": "3.1",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Faizan Ahmad Wani"
}
],
"datePublic": "2022-05-16T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "A logged-in and authenticated user with a Reviewer Role may lock a content item."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 3.5,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:L",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-269",
"description": "CWE-269 Improper Privilege Management",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-05-16T17:05:21",
"orgId": "4ff2b028-869f-4b00-a7b2-05997f6f14fd",
"shortName": "crafter"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://docs.craftercms.org/en/3.1/security/advisory.html#cv-2022051601"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Improper Privilege Management in Crafter Studio",
"x_generator": {
"engine": "Vulnogram 0.0.9"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@craftersoftware.com",
"DATE_PUBLIC": "2022-05-16T13:57:00.000Z",
"ID": "CVE-2021-23265",
"STATE": "PUBLIC",
"TITLE": "Improper Privilege Management in Crafter Studio"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Crafter CMS",
"version": {
"version_data": [
{
"version_affected": "\u003c=",
"version_name": "3.1",
"version_value": "3.1.17"
}
]
}
}
]
},
"vendor_name": "Crafter Software"
}
]
}
},
"credit": [
{
"lang": "eng",
"value": "Faizan Ahmad Wani"
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A logged-in and authenticated user with a Reviewer Role may lock a content item."
}
]
},
"generator": {
"engine": "Vulnogram 0.0.9"
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 3.5,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:L",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-269 Improper Privilege Management"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://docs.craftercms.org/en/3.1/security/advisory.html#cv-2022051601",
"refsource": "MISC",
"url": "https://docs.craftercms.org/en/3.1/security/advisory.html#cv-2022051601"
}
]
},
"source": {
"discovery": "EXTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "4ff2b028-869f-4b00-a7b2-05997f6f14fd",
"assignerShortName": "crafter",
"cveId": "CVE-2021-23265",
"datePublished": "2022-05-16T17:05:22.145199Z",
"dateReserved": "2021-01-08T00:00:00",
"dateUpdated": "2024-09-16T20:36:21.217Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-23266 (GCVE-0-2021-23266)
Vulnerability from cvelistv5
Published
2022-05-16 17:05
Modified
2024-09-16 17:14
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-117 - Improper Output Neutralization for Logs
Summary
An anonymous user can craft a URL with text that ends up in the log viewer as is. The text can then include textual messages to mislead the administrator.
References
| ► | URL | Tags |
|---|---|---|
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Crafter Software | Crafter CMS |
Version: 3.1 < |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T19:05:55.457Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://docs.craftercms.org/en/3.1/security/advisory.html#cv-2022051602"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Crafter CMS",
"vendor": "Crafter Software",
"versions": [
{
"lessThanOrEqual": "3.1.17",
"status": "affected",
"version": "3.1",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Faizan Ahmad Wani"
}
],
"datePublic": "2022-05-16T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "An anonymous user can craft a URL with text that ends up in the log viewer as is. The text can then include textual messages to mislead the administrator."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-117",
"description": "CWE-117 Improper Output Neutralization for Logs",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-05-16T17:05:24",
"orgId": "4ff2b028-869f-4b00-a7b2-05997f6f14fd",
"shortName": "crafter"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://docs.craftercms.org/en/3.1/security/advisory.html#cv-2022051602"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Improper Output Neutralization for Logs in Crafter Studio",
"x_generator": {
"engine": "Vulnogram 0.0.9"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@craftersoftware.com",
"DATE_PUBLIC": "2022-05-16T14:49:00.000Z",
"ID": "CVE-2021-23266",
"STATE": "PUBLIC",
"TITLE": "Improper Output Neutralization for Logs in Crafter Studio"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Crafter CMS",
"version": {
"version_data": [
{
"version_affected": "\u003c=",
"version_name": "3.1",
"version_value": "3.1.17"
}
]
}
}
]
},
"vendor_name": "Crafter Software"
}
]
}
},
"credit": [
{
"lang": "eng",
"value": "Faizan Ahmad Wani"
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An anonymous user can craft a URL with text that ends up in the log viewer as is. The text can then include textual messages to mislead the administrator."
}
]
},
"generator": {
"engine": "Vulnogram 0.0.9"
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-117 Improper Output Neutralization for Logs"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://docs.craftercms.org/en/3.1/security/advisory.html#cv-2022051602",
"refsource": "MISC",
"url": "https://docs.craftercms.org/en/3.1/security/advisory.html#cv-2022051602"
}
]
},
"source": {
"discovery": "EXTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "4ff2b028-869f-4b00-a7b2-05997f6f14fd",
"assignerShortName": "crafter",
"cveId": "CVE-2021-23266",
"datePublished": "2022-05-16T17:05:24.567886Z",
"dateReserved": "2021-01-08T00:00:00",
"dateUpdated": "2024-09-16T17:14:27.358Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-23260 (GCVE-0-2021-23260)
Vulnerability from cvelistv5
Published
2021-12-02 15:40
Modified
2024-09-16 17:08
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-79 - Cross-site Scripting (XSS)
Summary
Authenticated users with Site roles may inject XSS scripts via file names that will execute in the browser for this and other users of the same site.
References
| ► | URL | Tags |
|---|---|---|
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Crafter Software | Crafter CMS |
Version: 3.1 < 3.1.12 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T19:05:55.371Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://docs.craftercms.org/en/3.1/security/advisory.html#cv-2021120103"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Crafter CMS",
"vendor": "Crafter Software",
"versions": [
{
"lessThan": "3.1.12",
"status": "affected",
"version": "3.1",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Kai Zhao (ToTU Security Team)"
}
],
"datePublic": "2021-12-01T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Authenticated users with Site roles may inject XSS scripts via file names that will execute in the browser for this and other users of the same site."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:H/I:N/A:L",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "CWE-79 Cross-site Scripting (XSS)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-12-02T15:40:56",
"orgId": "4ff2b028-869f-4b00-a7b2-05997f6f14fd",
"shortName": "crafter"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://docs.craftercms.org/en/3.1/security/advisory.html#cv-2021120103"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Stored XSS Vulnerability in File Name of the File Upload function",
"x_generator": {
"engine": "Vulnogram 0.0.9"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@craftersoftware.com",
"DATE_PUBLIC": "2021-12-01T15:40:00.000Z",
"ID": "CVE-2021-23260",
"STATE": "PUBLIC",
"TITLE": "Stored XSS Vulnerability in File Name of the File Upload function"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Crafter CMS",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_name": "3.1",
"version_value": "3.1.12"
}
]
}
}
]
},
"vendor_name": "Crafter Software"
}
]
}
},
"credit": [
{
"lang": "eng",
"value": "Kai Zhao (ToTU Security Team)"
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Authenticated users with Site roles may inject XSS scripts via file names that will execute in the browser for this and other users of the same site."
}
]
},
"generator": {
"engine": "Vulnogram 0.0.9"
},
"impact": {
"cvss": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:H/I:N/A:L",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-79 Cross-site Scripting (XSS)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://docs.craftercms.org/en/3.1/security/advisory.html#cv-2021120103",
"refsource": "MISC",
"url": "https://docs.craftercms.org/en/3.1/security/advisory.html#cv-2021120103"
}
]
},
"source": {
"discovery": "EXTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "4ff2b028-869f-4b00-a7b2-05997f6f14fd",
"assignerShortName": "crafter",
"cveId": "CVE-2021-23260",
"datePublished": "2021-12-02T15:40:56.227987Z",
"dateReserved": "2021-01-08T00:00:00",
"dateUpdated": "2024-09-16T17:08:40.615Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-40635 (GCVE-0-2022-40635)
Vulnerability from cvelistv5
Published
2022-09-13 18:25
Modified
2024-09-16 16:13
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-913 - Improper Control of Dynamically-Managed Code Resources
Summary
Improper Control of Dynamically-Managed Code Resources vulnerability in Crafter Studio of Crafter CMS allows authenticated developers to execute OS commands via Groovy Sandbox Bypass.
References
| ► | URL | Tags |
|---|---|---|
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Crafter Software | Crafter CMS |
Version: 3.1 < |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T12:21:46.555Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://docs.craftercms.org/en/3.1/security/advisory.html#cv-2022051602"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Crafter CMS",
"vendor": "Crafter Software",
"versions": [
{
"lessThanOrEqual": "3.1.22",
"status": "affected",
"version": "3.1",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Matei \"Mal\" Badanoiu"
}
],
"datePublic": "2022-09-13T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Improper Control of Dynamically-Managed Code Resources vulnerability in Crafter Studio of Crafter CMS allows authenticated developers to execute OS commands via Groovy Sandbox Bypass."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-913",
"description": "CWE-913 Improper Control of Dynamically-Managed Code Resources",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-09-13T18:25:10",
"orgId": "4ff2b028-869f-4b00-a7b2-05997f6f14fd",
"shortName": "crafter"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://docs.craftercms.org/en/3.1/security/advisory.html#cv-2022051602"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Improper Control of Dynamically-Managed Code Resources in Crafter Studio",
"x_generator": {
"engine": "Vulnogram 0.0.9"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@craftersoftware.com",
"DATE_PUBLIC": "2022-09-13T15:42:00.000Z",
"ID": "CVE-2022-40635",
"STATE": "PUBLIC",
"TITLE": "Improper Control of Dynamically-Managed Code Resources in Crafter Studio"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Crafter CMS",
"version": {
"version_data": [
{
"version_affected": "\u003c=",
"version_name": "3.1",
"version_value": "3.1.22"
}
]
}
}
]
},
"vendor_name": "Crafter Software"
}
]
}
},
"credit": [
{
"lang": "eng",
"value": "Matei \"Mal\" Badanoiu"
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Improper Control of Dynamically-Managed Code Resources vulnerability in Crafter Studio of Crafter CMS allows authenticated developers to execute OS commands via Groovy Sandbox Bypass."
}
]
},
"generator": {
"engine": "Vulnogram 0.0.9"
},
"impact": {
"cvss": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-913 Improper Control of Dynamically-Managed Code Resources"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://docs.craftercms.org/en/3.1/security/advisory.html#cv-2022051602",
"refsource": "MISC",
"url": "https://docs.craftercms.org/en/3.1/security/advisory.html#cv-2022051602"
}
]
},
"source": {
"discovery": "EXTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "4ff2b028-869f-4b00-a7b2-05997f6f14fd",
"assignerShortName": "crafter",
"cveId": "CVE-2022-40635",
"datePublished": "2022-09-13T18:25:10.622257Z",
"dateReserved": "2022-09-13T00:00:00",
"dateUpdated": "2024-09-16T16:13:57.113Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-23267 (GCVE-0-2021-23267)
Vulnerability from cvelistv5
Published
2022-05-16 17:05
Modified
2024-09-16 23:20
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-913 - Improper Control of Dynamically-Managed Code Resources
Summary
Improper Control of Dynamically-Managed Code Resources vulnerability in Crafter Studio of Crafter CMS allows authenticated developers to execute OS commands via FreeMarker static methods.
References
| ► | URL | Tags |
|---|---|---|
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Crafter Software | Crafter CMS |
Version: 3.1 < |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T19:05:55.429Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://docs.craftercms.org/en/3.1/security/advisory.html#cv-2022051603"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Crafter CMS",
"vendor": "Crafter Software",
"versions": [
{
"lessThanOrEqual": "3.1.17",
"status": "affected",
"version": "3.1",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Kai Zhao (ToTU Security Team)"
}
],
"datePublic": "2022-05-16T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Improper Control of Dynamically-Managed Code Resources vulnerability in Crafter Studio of Crafter CMS allows authenticated developers to execute OS commands via FreeMarker static methods."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.6,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:C/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-913",
"description": "CWE-913 Improper Control of Dynamically-Managed Code Resources",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-05-16T17:05:25",
"orgId": "4ff2b028-869f-4b00-a7b2-05997f6f14fd",
"shortName": "crafter"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://docs.craftercms.org/en/3.1/security/advisory.html#cv-2022051603"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Improper Control of Dynamically-Managed Code Resources in Crafter Studio",
"x_generator": {
"engine": "Vulnogram 0.0.9"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@craftersoftware.com",
"DATE_PUBLIC": "2022-05-16T14:58:00.000Z",
"ID": "CVE-2021-23267",
"STATE": "PUBLIC",
"TITLE": "Improper Control of Dynamically-Managed Code Resources in Crafter Studio"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Crafter CMS",
"version": {
"version_data": [
{
"version_affected": "\u003c=",
"version_name": "3.1",
"version_value": "3.1.17"
}
]
}
}
]
},
"vendor_name": "Crafter Software"
}
]
}
},
"credit": [
{
"lang": "eng",
"value": "Kai Zhao (ToTU Security Team)"
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Improper Control of Dynamically-Managed Code Resources vulnerability in Crafter Studio of Crafter CMS allows authenticated developers to execute OS commands via FreeMarker static methods."
}
]
},
"generator": {
"engine": "Vulnogram 0.0.9"
},
"impact": {
"cvss": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.6,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:C/C:H/I:H/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-913 Improper Control of Dynamically-Managed Code Resources"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://docs.craftercms.org/en/3.1/security/advisory.html#cv-2022051603",
"refsource": "MISC",
"url": "https://docs.craftercms.org/en/3.1/security/advisory.html#cv-2022051603"
}
]
},
"source": {
"discovery": "EXTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "4ff2b028-869f-4b00-a7b2-05997f6f14fd",
"assignerShortName": "crafter",
"cveId": "CVE-2021-23267",
"datePublished": "2022-05-16T17:05:25.974285Z",
"dateReserved": "2021-01-08T00:00:00",
"dateUpdated": "2024-09-16T23:20:45.598Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-23261 (GCVE-0-2021-23261)
Vulnerability from cvelistv5
Published
2021-12-02 15:40
Modified
2024-09-17 01:57
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-703 - Improper Check or Handling of Exceptional Conditions
Summary
Authenticated administrators may override the system configuration file and cause a denial of service.
References
| ► | URL | Tags |
|---|---|---|
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Crafter Software | Crafter CMS |
Version: 3.1 < 3.1.13 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T19:05:55.482Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://docs.craftercms.org/en/3.1/security/advisory.html#cv-2021120104"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Crafter CMS",
"vendor": "Crafter Software",
"versions": [
{
"lessThan": "3.1.13",
"status": "affected",
"version": "3.1",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Kai Zhao (ToTU Security Team)"
}
],
"datePublic": "2021-12-01T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Authenticated administrators may override the system configuration file and cause a denial of service."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 4.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:N/I:N/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-703",
"description": "CWE-703 Improper Check or Handling of Exceptional Conditions",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-12-02T15:40:56",
"orgId": "4ff2b028-869f-4b00-a7b2-05997f6f14fd",
"shortName": "crafter"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://docs.craftercms.org/en/3.1/security/advisory.html#cv-2021120104"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Overriding the system configuration file causes a denial of service",
"x_generator": {
"engine": "Vulnogram 0.0.9"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@craftersoftware.com",
"DATE_PUBLIC": "2021-12-01T15:40:00.000Z",
"ID": "CVE-2021-23261",
"STATE": "PUBLIC",
"TITLE": "Overriding the system configuration file causes a denial of service"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Crafter CMS",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_name": "3.1",
"version_value": "3.1.13"
}
]
}
}
]
},
"vendor_name": "Crafter Software"
}
]
}
},
"credit": [
{
"lang": "eng",
"value": "Kai Zhao (ToTU Security Team)"
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Authenticated administrators may override the system configuration file and cause a denial of service."
}
]
},
"generator": {
"engine": "Vulnogram 0.0.9"
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 4.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:N/I:N/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-703 Improper Check or Handling of Exceptional Conditions"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://docs.craftercms.org/en/3.1/security/advisory.html#cv-2021120104",
"refsource": "MISC",
"url": "https://docs.craftercms.org/en/3.1/security/advisory.html#cv-2021120104"
}
]
},
"source": {
"discovery": "EXTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "4ff2b028-869f-4b00-a7b2-05997f6f14fd",
"assignerShortName": "crafter",
"cveId": "CVE-2021-23261",
"datePublished": "2021-12-02T15:40:56.958357Z",
"dateReserved": "2021-01-08T00:00:00",
"dateUpdated": "2024-09-17T01:57:02.067Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-23262 (GCVE-0-2021-23262)
Vulnerability from cvelistv5
Published
2021-12-02 15:40
Modified
2024-09-16 21:57
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-913 - Improper Control of Dynamically-Managed Code Resources
Summary
Authenticated administrators may modify the main YAML configuration file and load a Java class resulting in RCE.
References
| ► | URL | Tags |
|---|---|---|
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Crafter Software | Crafter CMS |
Version: 3.1 < 3.1.13 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T19:05:55.627Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://docs.craftercms.org/en/3.1/security/advisory.html#cv-2021120105"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Crafter CMS",
"vendor": "Crafter Software",
"versions": [
{
"lessThan": "3.1.13",
"status": "affected",
"version": "3.1",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Kai Zhao (ToTU Security Team)"
}
],
"datePublic": "2021-12-01T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Authenticated administrators may modify the main YAML configuration file and load a Java class resulting in RCE."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 4.2,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:U/C:N/I:N/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-913",
"description": "CWE-913 Improper Control of Dynamically-Managed Code Resources",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-12-02T15:40:57",
"orgId": "4ff2b028-869f-4b00-a7b2-05997f6f14fd",
"shortName": "crafter"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://docs.craftercms.org/en/3.1/security/advisory.html#cv-2021120105"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Snakeyaml deserialization vulnerability bypass",
"x_generator": {
"engine": "Vulnogram 0.0.9"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@craftersoftware.com",
"DATE_PUBLIC": "2021-12-01T15:40:00.000Z",
"ID": "CVE-2021-23262",
"STATE": "PUBLIC",
"TITLE": "Snakeyaml deserialization vulnerability bypass"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Crafter CMS",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_name": "3.1",
"version_value": "3.1.13"
}
]
}
}
]
},
"vendor_name": "Crafter Software"
}
]
}
},
"credit": [
{
"lang": "eng",
"value": "Kai Zhao (ToTU Security Team)"
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Authenticated administrators may modify the main YAML configuration file and load a Java class resulting in RCE."
}
]
},
"generator": {
"engine": "Vulnogram 0.0.9"
},
"impact": {
"cvss": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 4.2,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:U/C:N/I:N/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-913 Improper Control of Dynamically-Managed Code Resources"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://docs.craftercms.org/en/3.1/security/advisory.html#cv-2021120105",
"refsource": "MISC",
"url": "https://docs.craftercms.org/en/3.1/security/advisory.html#cv-2021120105"
}
]
},
"source": {
"discovery": "EXTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "4ff2b028-869f-4b00-a7b2-05997f6f14fd",
"assignerShortName": "crafter",
"cveId": "CVE-2021-23262",
"datePublished": "2021-12-02T15:40:57.695452Z",
"dateReserved": "2021-01-08T00:00:00",
"dateUpdated": "2024-09-16T21:57:11.063Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-23259 (GCVE-0-2021-23259)
Vulnerability from cvelistv5
Published
2021-12-02 15:40
Modified
2024-09-16 18:33
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-913 - Improper Control of Dynamically-Managed Code Resources
Summary
Authenticated users with Administrator or Developer roles may execute OS commands by Groovy Script which uses Groovy lib to render a webpage. The groovy script does not have security restrictions, which will cause attackers to execute arbitrary commands remotely(RCE).
References
| ► | URL | Tags |
|---|---|---|
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Crafter Software | Crafter CMS |
Version: 3.1 < 3.1.12 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T19:05:54.517Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://docs.craftercms.org/en/3.1/security/advisory.html#cv-2021120102"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Crafter CMS",
"vendor": "Crafter Software",
"versions": [
{
"lessThan": "3.1.12",
"status": "affected",
"version": "3.1",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Kai Zhao (ToTU Security Team)"
}
],
"datePublic": "2021-12-01T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Authenticated users with Administrator or Developer roles may execute OS commands by Groovy Script which uses Groovy lib to render a webpage. The groovy script does not have security restrictions, which will cause attackers to execute arbitrary commands remotely(RCE)."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 4.2,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:U/C:N/I:N/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-913",
"description": "CWE-913 Improper Control of Dynamically-Managed Code Resources",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-12-02T15:40:55",
"orgId": "4ff2b028-869f-4b00-a7b2-05997f6f14fd",
"shortName": "crafter"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://docs.craftercms.org/en/3.1/security/advisory.html#cv-2021120102"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Groovy Sandbox Bypass",
"x_generator": {
"engine": "Vulnogram 0.0.9"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@craftersoftware.com",
"DATE_PUBLIC": "2021-12-01T15:40:00.000Z",
"ID": "CVE-2021-23259",
"STATE": "PUBLIC",
"TITLE": "Groovy Sandbox Bypass"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Crafter CMS",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_name": "3.1",
"version_value": "3.1.12"
}
]
}
}
]
},
"vendor_name": "Crafter Software"
}
]
}
},
"credit": [
{
"lang": "eng",
"value": "Kai Zhao (ToTU Security Team)"
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Authenticated users with Administrator or Developer roles may execute OS commands by Groovy Script which uses Groovy lib to render a webpage. The groovy script does not have security restrictions, which will cause attackers to execute arbitrary commands remotely(RCE)."
}
]
},
"generator": {
"engine": "Vulnogram 0.0.9"
},
"impact": {
"cvss": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 4.2,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:U/C:N/I:N/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-913 Improper Control of Dynamically-Managed Code Resources"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://docs.craftercms.org/en/3.1/security/advisory.html#cv-2021120102",
"refsource": "MISC",
"url": "https://docs.craftercms.org/en/3.1/security/advisory.html#cv-2021120102"
}
]
},
"source": {
"discovery": "EXTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "4ff2b028-869f-4b00-a7b2-05997f6f14fd",
"assignerShortName": "crafter",
"cveId": "CVE-2021-23259",
"datePublished": "2021-12-02T15:40:55.510518Z",
"dateReserved": "2021-01-08T00:00:00",
"dateUpdated": "2024-09-16T18:33:22.067Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}