CVE-2021-41744
 
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
0Exploited in Wild
-Decision
Descriptions
All versions of yongyou PLM are affected by a command injection issue. UFIDA PLM (Product Life Cycle Management) is a strategic management method. It applies a series of enterprise application systems to support the entire process from conceptual design to the end of product life, and the collaborative creation, distribution, application and management of product information across organizations. Yonyou PLM uses jboss by default, and you can access the management control background without authorization An attacker can use this vulnerability to gain server permissions.
Todas las versiones de yongyou PLM están afectadas por un problema de inyección de comandos. UFIDA PLM (Product Life Cycle Management) es un método de administración estratégica. Aplica una serie de sistemas de aplicaciones empresariales para apoyar todo el proceso, desde el diseño conceptual hasta el final de la vida del producto, y la creación, distribución, aplicación y administración de la información del producto en colaboración con todas las organizaciones. Yonyou PLM usa jboss por defecto, y puede acceder al fondo de control de administración sin autorización. Un atacante puede usar esta vulnerabilidad para conseguir permisos de servidor
CVSS Scores
SSVC
- Decision:-
Timeline
- 2021-09-27 CVE Reserved
- 2021-10-22 CVE Published
- 2024-08-04 CVE Updated
- 2025-03-30 EPSS Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection')
CAPEC
References (1)
URL | Tag | Source |
---|---|---|
https://www.cnvd.org.cn/flaw/show/CNVD-2021-39097 | Third Party Advisory |
URL | Date | SRC |
---|
URL | Date | SRC |
---|
URL | Date | SRC |
---|
Affected Vendors, Products, and Versions
Vendor | Product | Version | Other | Status | ||||||
---|---|---|---|---|---|---|---|---|---|---|
Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
Yonyou Search vendor "Yonyou" | Ufida Product Lifecycle Management Search vendor "Yonyou" for product "Ufida Product Lifecycle Management" | - | - |
Affected
|