CVE-2021-21477

SAP Commerce Cloud, versions - 1808,1811,1905,2005,2011, enables certain users with required privileges to edit drools rules, an authenticated attacker with this privilege will be able to inject malicious code in the drools rules which when executed leads to Remote Code Execution vulnerability enabling the attacker to compromise the underlying host enabling him to impair confidentiality, integrity and availability of the application.

CVSS v3 9.9 CRITICAL
CVSS v2.0 9.0 HIGH

9.9^/10

CVSS v3 : CRITICAL

Vector :

Exploitability : 3.1 / Impact : 6.0

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required LOW

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact HIGH

Scope CHANGED

9.0^/10

CVSS v2.0 : HIGH

Vector : AV:N/AC:L/Au:S/C:C/I:C/A:C

Exploitability : 8.0 / Impact : 10.0

Access Vector NETWORK

Access Complexity LOW

Authentication SINGLE

Confidentiality Impact COMPLETE

Integrity Impact COMPLETE

Availability Impact COMPLETE

References

Link	Resource
https://launchpad.support.sap.com/#/notes/3014121	Permissions Required
https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=568460543	Vendor Advisory

Configurations

Configuration 1 (hide)

OR	cpe:2.3:a:sap:commerce:1808:::::::*
	cpe:2.3:a:sap:commerce:1811:::::::*
	cpe:2.3:a:sap:commerce:1905:::::::*
	cpe:2.3:a:sap:commerce:2005:::::::*
	cpe:2.3:a:sap:commerce:2011:::::::*

History

No history.

Information

Published : 2021-02-09 21:15

Updated : 2024-02-04 21:23

NVD link : CVE-2021-21477

Mitre link : CVE-2021-21477

CVE.ORG link : CVE-2021-21477

JSON object : View

Products Affected

sap

commerce

CWE

CWE-94

Improper Control of Generation of Code ('Code Injection')

{"id": "CVE-2021-21477", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 9.0, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C", "authentication": "SINGLE", "integrityImpact": "COMPLETE", "accessComplexity": "LOW", "availabilityImpact": "COMPLETE", "confidentialityImpact": "COMPLETE"}, "acInsufInfo": false, "impactScore": 10.0, "baseSeverity": "HIGH", "obtainAllPrivilege": false, "exploitabilityScore": 8.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}], "cvssMetricV30": [{"type": "Secondary", "source": "cna@sap.com", "cvssData": {"scope": "CHANGED", "version": "3.0", "baseScore": 9.9, "attackVector": "NETWORK", "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "HIGH"}, "impactScore": 6.0, "exploitabilityScore": 3.1}], "cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "CHANGED", "version": "3.1", "baseScore": 9.9, "attackVector": "NETWORK", "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "HIGH"}, "impactScore": 6.0, "exploitabilityScore": 3.1}]}, "published": "2021-02-09T21:15:13.613", "references": [{"url": "https://launchpad.support.sap.com/#/notes/3014121", "tags": ["Permissions Required"], "source": "cna@sap.com"}, {"url": "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=568460543", "tags": ["Vendor Advisory"], "source": "cna@sap.com"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-94"}]}], "descriptions": [{"lang": "en", "value": "SAP Commerce Cloud, versions - 1808,1811,1905,2005,2011, enables certain users with required privileges to edit drools rules, an authenticated attacker with this privilege will be able to inject malicious code in the drools rules which when executed leads to Remote Code Execution vulnerability enabling the attacker to compromise the underlying host enabling him to impair confidentiality, integrity and availability of the application."}, {"lang": "es", "value": "SAP Commerce Cloud, versiones - 1808,1811,1905,2005,2011, permite a determinados usuarios con privilegios requeridos editar las reglas de drools, un atacante autenticado con este privilegio podr\u00e1 inyectar c\u00f3digo malicioso en las reglas de drools que, cuando se ejecutan, conllevan a una vulnerabilidad de ejecuci\u00f3n de c\u00f3digo remota permitiendo al atacante poner en peligro el host subyacente, permitiendo afectar la confidencialidad, integridad y disponibilidad de la aplicaci\u00f3n"}], "lastModified": "2021-02-16T18:07:19.217", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:sap:commerce:1808:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F352D085-2B1E-44A9-81C6-2E1F5C249AB4"}, {"criteria": "cpe:2.3:a:sap:commerce:1811:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "27A12336-30BA-439D-A3F2-B7D93D5B52DC"}, {"criteria": "cpe:2.3:a:sap:commerce:1905:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F665F648-5C35-4EC8-8064-8ED139C8813C"}, {"criteria": "cpe:2.3:a:sap:commerce:2005:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C788164A-7724-4CB1-8ADC-B05ADE595020"}, {"criteria": "cpe:2.3:a:sap:commerce:2011:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "8DE31C0C-31D7-468E-B1D4-CE522086EDD3"}], "operator": "OR"}]}], "sourceIdentifier": "cna@sap.com"}