CVE-2021-21242 | OneDev is an all-in-one devops platform. In OneDev before ve… | CVSS 10.0 CRITICAL

Description

OneDev is an all-in-one devops platform. In OneDev before version 4.0.3, there is a critical vulnerability which can lead to pre-auth remote code execution. AttachmentUploadServlet deserializes untrusted data from the `Attachment-Support` header. This Servlet does not enforce any authentication or authorization checks. This issue may lead to pre-auth remote code execution. This issue was fixed in 4.0.3 by removing AttachmentUploadServlet and not using deserialization

Metadata

CVE ID: CVE-2021-21242
State: PUBLISHED
Assigner: GitHub_M
Reserved: 2020-12-22 00:00 UTC
Published: 2021-01-15 20:05 UTC
Last updated: 2024-08-03 18:09 UTC
Primary CWE: CWE-74
CWE-74 Improper Neutralization of Special Elements in Output…
Vendor / Product: theonedev / onedev
Sources: cve.org · NVD

Severity & Metrics

10.0 CRITICAL CVSS 3.1

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:N

Affected products (1)

Vendor	Product	Platform	Versions
theonedev	onedev	—	< 4.0.3

Weakness (CWE)

CWE	Source	Description
CWE-74	cna	CWE-74 Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')

CVSS scores (1)

Score	Severity	Version	Source	Vector
10.0	CRITICAL	3.1	cna	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:N

References (2)