CVE-2021-40525
Sieve file storage vulnerable to path traversal attacks
Severity Score
9.1
*CVSS v3.1
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
0
*Multiple Sources
Exploited in Wild
-
*KEV
Decision
-
*SSVC
Descriptions
Apache James ManagedSieve implementation alongside with the file storage for sieve scripts is vulnerable to path traversal, allowing reading and writing any file. This vulnerability had been patched in Apache James 3.6.1 and higher. We recommend the upgrade. Distributed and Cassandra based products are also not impacted.
La implementación de Apache James ManagedSieve junto con el almacenamiento de archivos para los scripts de sieve es vulnerable a un salto de ruta, permitiendo leer y escribir cualquier archivo. Esta vulnerabilidad ha sido parcheada en Apache James versiones 3.6.1 y superiores. Recomendamos la actualización. Los productos distribuidos y basados en Cassandra tampoco están afectados
*Credits:
The Apache James PMC would like to thanks Benoit TELLIER for the report.
CVSS Scores
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability
Attack Vector
Attack Complexity
Authentication
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:-
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2021-09-06 CVE Reserved
- 2022-01-04 CVE Published
- 2024-08-04 CVE Updated
- 2024-09-19 EPSS Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
CAPEC
References (3)
| URL | Tag | Source |
|---|---|---|
| http://www.openwall.com/lists/oss-security/2022/01/04/4 | Mailing List |
|
| http://www.openwall.com/lists/oss-security/2022/02/07/1 | Mailing List |
|
| https://www.openwall.com/lists/oss-security/2022/01/04/4 | Mailing List |
|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|