Lucene search

AdobeCVELIST:CVE-2021-21064

HistoryFeb 25, 2021 - 1:22 p.m.

CVE-2021-21064 Magento UPWARD-php Path traversal vulnerability via UPWARD Connector

2021-02-2513:22:01

CWE-22

adobe

www.cve.org

magento

upward-php

path traversal vulnerability

upward connector

upload feature

yaml file

remote server

admin console access

CVSS3

4.9

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

HIGH

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N

AI Score

5.4

Confidence

High

EPSS

0.001

Percentile

30.8%

JSON

Magento UPWARD-php version 1.1.4 (and earlier) is affected by a Path traversal vulnerability in Magento UPWARD Connector version 1.1.2 (and earlier) due to the upload feature. An attacker could potentially exploit this vulnerability to upload a malicious YAML file that can contain instructions which allows reading arbitrary files from the remote server. Access to the admin console is required for successful exploitation.

CNA Affected

[
  {
    "product": "Magento Commerce",
    "vendor": "Adobe",
    "versions": [
      {
        "lessThanOrEqual": "1.1.4",
        "status": "affected",
        "version": "unspecified",
        "versionType": "custom"
      },
      {
        "lessThanOrEqual": "None",
        "status": "affected",
        "version": "unspecified",
        "versionType": "custom"
      }
    ]
  }
]

References

github.com/magento/upward-php/security

github.com/magento/upward-php/security/advisories/GHSA-p4pw-hpjx-5685

CVSS3

4.9

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

HIGH

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N

AI Score

5.4

Confidence

High

EPSS

0.001

Percentile

30.8%

JSON

Related for CVELIST:CVE-2021-21064