cnvd - cnvd-2021-13201

cnvd-2021-13201

Vulnerability from cnvd

Title: SAP Commerce Cloud远程代码执行漏洞

Description:

SAP Commerce Cloud是德国思爱普（SAP）公司的一个电商云平台。该平台提供企业级电商业务支持。

SAP Commerce Cloud 1808、1811、1905、2005和2011版本存在远程代码执行漏洞。经过身份认证的攻击者可利用该漏洞在流口水规则中注入恶意代码，该恶意代码在执行时会导致远程执行代码漏洞，从而使攻击者破坏基础主机，对应用程序的机密性，完整性和可用性造成影响。

Severity: 高

Patch Name: SAP Commerce Cloud远程代码执行漏洞的补丁

Patch Description:

SAP Commerce Cloud是德国思爱普（SAP）公司的一个电商云平台。该平台提供企业级电商业务支持。

SAP Commerce Cloud 1808、1811、1905、2005和2011版本存在远程代码执行漏洞。经过身份认证的攻击者可利用该漏洞在流口水规则中注入恶意代码，该恶意代码在执行时会导致远程执行代码漏洞，从而使攻击者破坏基础主机，对应用程序的机密性，完整性和可用性造成影响。目前，供应商发布了安全公告及相关补丁信息，修复了此漏洞。

Formal description:

目前厂商已经发布了升级补丁以修复这个安全问题，请到厂商的主页下载： https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=568460543

Reference: http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21477

Impacted products

Name
['SAP SAP Commerce Cloud 1808', 'SAP SAP Commerce Cloud 1811', 'SAP SAP Commerce Cloud 1905', 'SAP SAP Commerce Cloud 2005', 'SAP SAP Commerce Cloud 2011']

Show details on source website

JSON

To clipboard

{
  "cves": {
    "cve": {
      "cveNumber": "CVE-2021-21477",
      "cveUrl": "https://nvd.nist.gov/vuln/detail/CVE-2021-21477"
    }
  },
  "description": "SAP Commerce Cloud\u662f\u5fb7\u56fd\u601d\u7231\u666e\uff08SAP\uff09\u516c\u53f8\u7684\u4e00\u4e2a\u7535\u5546\u4e91\u5e73\u53f0\u3002\u8be5\u5e73\u53f0\u63d0\u4f9b\u4f01\u4e1a\u7ea7\u7535\u5546\u4e1a\u52a1\u652f\u6301\u3002\n\nSAP Commerce Cloud 1808\u30011811\u30011905\u30012005\u548c2011\u7248\u672c\u5b58\u5728\u8fdc\u7a0b\u4ee3\u7801\u6267\u884c\u6f0f\u6d1e\u3002\u7ecf\u8fc7\u8eab\u4efd\u8ba4\u8bc1\u7684\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u5728\u6d41\u53e3\u6c34\u89c4\u5219\u4e2d\u6ce8\u5165\u6076\u610f\u4ee3\u7801\uff0c\u8be5\u6076\u610f\u4ee3\u7801\u5728\u6267\u884c\u65f6\u4f1a\u5bfc\u81f4\u8fdc\u7a0b\u6267\u884c\u4ee3\u7801\u6f0f\u6d1e\uff0c\u4ece\u800c\u4f7f\u653b\u51fb\u8005\u7834\u574f\u57fa\u7840\u4e3b\u673a\uff0c\u5bf9\u5e94\u7528\u7a0b\u5e8f\u7684\u673a\u5bc6\u6027\uff0c\u5b8c\u6574\u6027\u548c\u53ef\u7528\u6027\u9020\u6210\u5f71\u54cd\u3002",
  "formalWay": "\u76ee\u524d\u5382\u5546\u5df2\u7ecf\u53d1\u5e03\u4e86\u5347\u7ea7\u8865\u4e01\u4ee5\u4fee\u590d\u8fd9\u4e2a\u5b89\u5168\u95ee\u9898\uff0c\u8bf7\u5230\u5382\u5546\u7684\u4e3b\u9875\u4e0b\u8f7d\uff1a\r\nhttps://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=568460543",
  "isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
  "number": "CNVD-2021-13201",
  "openTime": "2021-02-27",
  "patchDescription": "SAP Commerce Cloud\u662f\u5fb7\u56fd\u601d\u7231\u666e\uff08SAP\uff09\u516c\u53f8\u7684\u4e00\u4e2a\u7535\u5546\u4e91\u5e73\u53f0\u3002\u8be5\u5e73\u53f0\u63d0\u4f9b\u4f01\u4e1a\u7ea7\u7535\u5546\u4e1a\u52a1\u652f\u6301\u3002\r\n\r\nSAP Commerce Cloud 1808\u30011811\u30011905\u30012005\u548c2011\u7248\u672c\u5b58\u5728\u8fdc\u7a0b\u4ee3\u7801\u6267\u884c\u6f0f\u6d1e\u3002\u7ecf\u8fc7\u8eab\u4efd\u8ba4\u8bc1\u7684\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u5728\u6d41\u53e3\u6c34\u89c4\u5219\u4e2d\u6ce8\u5165\u6076\u610f\u4ee3\u7801\uff0c\u8be5\u6076\u610f\u4ee3\u7801\u5728\u6267\u884c\u65f6\u4f1a\u5bfc\u81f4\u8fdc\u7a0b\u6267\u884c\u4ee3\u7801\u6f0f\u6d1e\uff0c\u4ece\u800c\u4f7f\u653b\u51fb\u8005\u7834\u574f\u57fa\u7840\u4e3b\u673a\uff0c\u5bf9\u5e94\u7528\u7a0b\u5e8f\u7684\u673a\u5bc6\u6027\uff0c\u5b8c\u6574\u6027\u548c\u53ef\u7528\u6027\u9020\u6210\u5f71\u54cd\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
  "patchName": "SAP Commerce Cloud\u8fdc\u7a0b\u4ee3\u7801\u6267\u884c\u6f0f\u6d1e\u7684\u8865\u4e01",
  "products": {
    "product": [
      "SAP SAP Commerce Cloud 1808",
      "SAP SAP Commerce Cloud 1811",
      "SAP SAP Commerce Cloud 1905",
      "SAP SAP Commerce Cloud 2005",
      "SAP SAP Commerce Cloud 2011"
    ]
  },
  "referenceLink": "http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21477",
  "serverity": "\u9ad8",
  "submitTime": "2021-02-26",
  "title": "SAP Commerce Cloud\u8fdc\u7a0b\u4ee3\u7801\u6267\u884c\u6f0f\u6d1e"
}

CVE-2021-21477 (GCVE-0-2021-21477)

Vulnerability from cvelistv5

Published

2021-02-09 20:43

Modified

2024-08-03 18:16

Severity ?

9.9 (Critical) - CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H

CWE

Remote Code Execution

Summary

SAP Commerce Cloud, versions - 1808,1811,1905,2005,2011, enables certain users with required privileges to edit drools rules, an authenticated attacker with this privilege will be able to inject malicious code in the drools rules which when executed leads to Remote Code Execution vulnerability enabling the attacker to compromise the underlying host enabling him to impair confidentiality, integrity and availability of the application.

References

▼	URL	Tags
	https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=568460543	x_refsource_MISC
	https://launchpad.support.sap.com/#/notes/3014121	x_refsource_MISC

Impacted products

	Vendor	Product	Version
	SAP SE	SAP Commerce	Version: < 1808 Version: < 1811 Version: < 1905 Version: < 2005 Version: < 2011

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T18:16:22.468Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=568460543"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://launchpad.support.sap.com/#/notes/3014121"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "SAP Commerce",
          "vendor": "SAP SE",
          "versions": [
            {
              "status": "affected",
              "version": "\u003c 1808"
            },
            {
              "status": "affected",
              "version": "\u003c 1811"
            },
            {
              "status": "affected",
              "version": "\u003c 1905"
            },
            {
              "status": "affected",
              "version": "\u003c 2005"
            },
            {
              "status": "affected",
              "version": "\u003c 2011"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "SAP Commerce Cloud, versions - 1808,1811,1905,2005,2011, enables certain users with required privileges to edit drools rules, an authenticated attacker with this privilege will be able to inject malicious code in the drools rules which when executed leads to Remote Code Execution vulnerability enabling the attacker to compromise the underlying host enabling him to impair confidentiality, integrity and availability of the application."
        }
      ],
      "metrics": [
        {
          "cvssV3_0": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 9.9,
            "baseSeverity": "CRITICAL",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
            "version": "3.0"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "Remote Code Execution",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2021-02-09T20:43:57",
        "orgId": "e4686d1a-f260-4930-ac4c-2f5c992778dd",
        "shortName": "sap"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=568460543"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://launchpad.support.sap.com/#/notes/3014121"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cna@sap.com",
          "ID": "CVE-2021-21477",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "SAP Commerce",
                      "version": {
                        "version_data": [
                          {
                            "version_name": "\u003c",
                            "version_value": "1808"
                          },
                          {
                            "version_name": "\u003c",
                            "version_value": "1811"
                          },
                          {
                            "version_name": "\u003c",
                            "version_value": "1905"
                          },
                          {
                            "version_name": "\u003c",
                            "version_value": "2005"
                          },
                          {
                            "version_name": "\u003c",
                            "version_value": "2011"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "SAP SE"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "SAP Commerce Cloud, versions - 1808,1811,1905,2005,2011, enables certain users with required privileges to edit drools rules, an authenticated attacker with this privilege will be able to inject malicious code in the drools rules which when executed leads to Remote Code Execution vulnerability enabling the attacker to compromise the underlying host enabling him to impair confidentiality, integrity and availability of the application."
            }
          ]
        },
        "impact": {
          "cvss": {
            "baseScore": "9.9",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
            "version": "3.0"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "Remote Code Execution"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=568460543",
              "refsource": "MISC",
              "url": "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=568460543"
            },
            {
              "name": "https://launchpad.support.sap.com/#/notes/3014121",
              "refsource": "MISC",
              "url": "https://launchpad.support.sap.com/#/notes/3014121"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "e4686d1a-f260-4930-ac4c-2f5c992778dd",
    "assignerShortName": "sap",
    "cveId": "CVE-2021-21477",
    "datePublished": "2021-02-09T20:43:57",
    "dateReserved": "2020-12-30T00:00:00",
    "dateUpdated": "2024-08-03T18:16:22.468Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
Confirmed: The vulnerability is confirmed from an analyst perspective.
Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
Patched: This vulnerability was successfully patched by the user reporting the sighting.
Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
Not confirmed: The user expresses doubt about the veracity of the vulnerability.
Not patched: This vulnerability was not successfully patched by the user reporting the sighting.

Action not permitted