CVE-2021-41547
 
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
0Exploited in Wild
-Decision
Descriptions
A vulnerability has been identified in Teamcenter Active Workspace V4.3 (All versions < V4.3.11), Teamcenter Active Workspace V5.0 (All versions < V5.0.10), Teamcenter Active Workspace V5.1 (All versions < V5.1.6), Teamcenter Active Workspace V5.2 (All versions < V5.2.3). The application contains an unsafe unzipping pattern that could lead to a zip path traversal attack. This could allow and attacker to execute a remote shell with admin rights.
Se ha identificado una vulnerabilidad en Teamcenter Active Workspace versiones V4.3 (Todas las versiones anteriores a V4.3.11), Teamcenter Active Workspace versiones V5.0 (Todas las versiones anteriores a V5.0.10), Teamcenter Active Workspace versiones V5.1 (Todas las versiones anteriores a V5.1.6), Teamcenter Active Workspace versiones V5.2 (Todas las versiones anteriores a V5.2.3). La aplicación contiene un patrón de descompresión no seguro que podría conllevar a un ataque de salto de ruta de zip. Esto podría permitir a un atacante ejecutar un shell remoto con derechos de administrador
CVSS Scores
SSVC
- Decision:-
Timeline
- 2021-09-21 CVE Reserved
- 2021-12-14 CVE Published
- 2024-06-11 EPSS Updated
- 2024-08-04 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
CAPEC
References (1)
URL | Tag | Source |
---|
URL | Date | SRC |
---|
URL | Date | SRC |
---|---|---|
https://cert-portal.siemens.com/productcert/pdf/ssa-133772.pdf | 2021-12-16 |
URL | Date | SRC |
---|
Affected Vendors, Products, and Versions
Vendor | Product | Version | Other | Status | ||||||
---|---|---|---|---|---|---|---|---|---|---|
Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
Siemens Search vendor "Siemens" | Teamcenter Active Workspace Search vendor "Siemens" for product "Teamcenter Active Workspace" | >= 4.3 < 4.3.11 Search vendor "Siemens" for product "Teamcenter Active Workspace" and version " >= 4.3 < 4.3.11" | - |
Affected
| ||||||
Siemens Search vendor "Siemens" | Teamcenter Active Workspace Search vendor "Siemens" for product "Teamcenter Active Workspace" | >= 5.0 < 5.0.10 Search vendor "Siemens" for product "Teamcenter Active Workspace" and version " >= 5.0 < 5.0.10" | - |
Affected
| ||||||
Siemens Search vendor "Siemens" | Teamcenter Active Workspace Search vendor "Siemens" for product "Teamcenter Active Workspace" | >= 5.1 < 5.1.6 Search vendor "Siemens" for product "Teamcenter Active Workspace" and version " >= 5.1 < 5.1.6" | - |
Affected
| ||||||
Siemens Search vendor "Siemens" | Teamcenter Active Workspace Search vendor "Siemens" for product "Teamcenter Active Workspace" | >= 5.2 < 5.2.3 Search vendor "Siemens" for product "Teamcenter Active Workspace" and version " >= 5.2 < 5.2.3" | - |
Affected
|