CVE-2021-36022: Adobe Security Bulletin

Magento Commerce versions 2.4.2 (and earlier), 2.4.2-p1 (and earlier) and 2.3.7 (and earlier) are affected by an XML Injection vulnerability in the Widgets Update Layout. An attacker with admin privileges can trigger a specially crafted script to achieve remote code execution.


Security Updates Available for Adobe Commerce | APSB21-64

Magento has released updates for Adobe Commerce and Magento Open Source editions. These updates resolve vulnerabilities rated critical and important. Successful exploitation could lead to arbitrary code execution.

Affected versions

| Product             | Version                        | Platform |
|---------------------|--------------------------------|----------|
| Adobe Commerce      | 2.4.2 and earlier versions     | All      |
| Adobe Commerce      | 2.4.2-p1 and earlier versions  | All      |
| Adobe Commerce      | 2.3.7 and earlier versions     | All      |
| Magento Open Source | 2.4.2-p1 and earlier versions  | All      |
| Magento Open Source | 2.3.7 and earlier versions     | All      |

Adobe categorizes these updates with the following priority ratings and recommends users update their installation to the newest version.

| Product             | Updated Version | Platform | Priority Rating | Release Notes       |
|---------------------|-----------------|----------|-----------------|---------------------|
| Adobe Commerce      | 2.4.3           | All      | 2               | 2.4.x release notes |
| Adobe Commerce      | 2.4.2-p2        | All      | 2               | 2.4.x release notes |
| Adobe Commerce      | 2.3.7-p1        | All      | 2               | 2.3.x release notes |
| Magento Open Source | 2.4.3           | All      | 2               | 2.4.x release notes |
| Magento Open Source | 2.4.2-p2        | All      | 2               | 2.4.x release notes |
| Magento Open Source | 2.3.7-p1        | All      | 2               | 2.3.x release notes |

Vulnerability details

| Vulnerability Category | Vulnerability Impact | Severity | Pre-authentication? | Admin privileges required? | CVSS base score | CVSS vector | Magento Bug ID | CVE numbers |
|---|---|---|---|---|---|---|---|---|
| Business Logic Errors (CWE-840) | Security feature bypass | Important | yes | no | 6.5 | CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N | PRODSECBUG-2934 | CVE-2021-36012 |
| Cross-site Scripting (Stored XSS) (CWE-79) | Arbitrary code execution | Important | no | no | 6.5 | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N | PRODSECBUG-2963, PRODSECBUG-2964 | CVE-2021-36026, CVE-2021-36027 |
| Improper Access Control (CWE-284) | Arbitrary code execution | Critical | yes | yes | 9.1 | CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H | PRODSECBUG-2977 | CVE-2021-36036 |
| Improper Authorization (CWE-285) | Security feature bypass | Critical | yes | yes | 9.1 | CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H | PRODSECBUG-2968 | CVE-2021-36029 |
| Improper Authorization (CWE-285) | Security feature bypass | Important | no | no | 6.5 | CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N | PRODSECBUG-2980 | CVE-2021-36037 |
| Improper Input Validation (CWE-20) | Application denial-of-service | Critical | no | no | 7.5 | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H | PRODSECBUG-3004 | CVE-2021-36044 |
| Improper Input Validation (CWE-20) | Privilege escalation | Critical | yes | no | 8.3 | CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:L | PRODSECBUG-2971 | CVE-2021-36032 |
| Improper Input Validation (CWE-20) | Security feature bypass | Critical | no | no | 7.5 | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N | PRODSECBUG-2969 | CVE-2021-36030 |
| Improper Input Validation (CWE-20) | Security feature bypass | Important | no | no | 6.5 | CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N | PRODSECBUG-2982 | CVE-2021-36038 |
| Improper Input Validation (CWE-20) | Arbitrary code execution | Critical | yes | yes | 9.1 | CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H | PRODSECBUG-2959, PRODSECBUG-2960, PRODSECBUG-2962, PRODSECBUG-2975, PRODSECBUG-2976, PRODSECBUG-2987, PRODSECBUG-2988, PRODSECBUG-2992 | CVE-2021-36021, CVE-2021-36024, CVE-2021-36025, CVE-2021-36034, CVE-2021-36035, CVE-2021-36040, CVE-2021-36041, CVE-2021-36042 |
| Path Traversal (CWE-22) | Arbitrary code execution | Critical | yes | yes | 7.2 | CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H | PRODSECBUG-2970 | CVE-2021-36031 |
| OS Command Injection (CWE-78) | Arbitrary code execution | Critical | yes | yes | 9.1 | CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H | PRODSECBUG-2958, PRODSECBUG-2960 | CVE-2021-36022, CVE-2021-36023 |
| Incorrect Authorization (CWE-863) | Arbitrary file system read | Important | yes | no | 6.5 | CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N | PRODSECBUG-2984 | CVE-2021-36039 |
| Server-Side Request Forgery (SSRF) (CWE-918) | Arbitrary code execution | Critical | yes | yes | 8 | CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H | PRODSECBUG-2996 | CVE-2021-36043 |
| XML Injection (aka Blind XPath Injection) (CWE-91) | Arbitrary code execution | Critical | no | no | 8.2 | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N | PRODSECBUG-2937 | CVE-2021-36020 |
| XML Injection (aka Blind XPath Injection) (CWE-91) | Arbitrary code execution | Critical | yes | yes | 9.1 | CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H | PRODSECBUG-2965, PRODSECBUG-2972 | CVE-2021-36028, CVE-2021-36033 |

Pre-authentication: The vulnerability is exploitable without credentials.

Admin privileges required: The vulnerability is only exploitable by an attacker with administrative privileges.

Adobe would like to thank the following individuals for reporting the relevant issues and for working with Adobe to help protect our customers:

  • Blaklis (CVE-2021-36023, CVE-2021-36026, CVE-2021-36027, CVE-2021-36036, CVE-2021-36029, CVE-2021-36021, CVE-2021-36024, CVE-2021-36025, CVE-2021-36034, CVE-2021-36035, CVE-2021-36031)
  • Igorsdv (CVE-2021-36012)
  • Zb3 (CVE-2021-36037, CVE-2021-36032, CVE-2021-36038, CVE-2021-36040, CVE-2021-36041, CVE-2021-36042, CVE-2021-36039, CVE-2021-36043, CVE-2021-36033, CVE-2021-36028)
  • Dftrace (CVE-2021-36044)
  • Floorz (CVE-2021-36030)
  • Eboda (CVE-2021-36022)
  • Trivani Pant on behalf of Broadway Photo Supply Limited (CVE-2021-36020)

August 13, 2021: Updated Magento/Magento commerce with Adobe Commerce.

For more information, visit https://helpx.adobe.com/security.html, or email [email protected].
