Mend.io Vulnerability Database

What is a CVE vulnerability ID? icon What is a WS vulnerability ID? icon What is an MSC vulnerability ID? icon
New vulnerability? Tell us about it!
icon

We found results for “

CVE-2021-23340

Good to know:

icon

Date: February 18, 2021

This affects the package pimcore/pimcore before 6.8.8. A Local FIle Inclusion vulnerability exists in the downloadCsvAction function of the CustomReportController class (bundles/AdminBundle/Controller/Reports/CustomReportController.php). An authenticated user can reach this function with a GET request at the following endpoint: /admin/reports/custom-report/download-csv?exportFile=&91;filename]. Since exportFile variable is not sanitized, an attacker can exploit a local file inclusion vulnerability.

Language: PHP

Severity Score

Related Resources (4)

https://nvd.nist.gov/vuln/detail/CVE-2021-23340
https://github.com/pimcore/pimcore/blob/v6.7.2/bundles/AdminBundle/Controller/Reports/CustomReportController.php%23L454
https://github.com/pimcore/pimcore/commit/1786bdd4962ee51544fad537352c2b4223309442
https://www.mend.io/vulnerability-database/CVE-2021-23340

Severity Score

Weakness Type (CWE)

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

CWE-22

Top Fix

icon

Upgrade Version

Upgrade to version pimcore/pimcore - dev-remove-chromium;pimcore/pimcore - dev-asset_preview_tab_supporting_audio;pimcore/pimcore - dev-revert-7767-install-cache-on-install;pimcore/pimcore - dev-monolog_channels_exclude;pimcore/pimcore - v6.8.8;pimcore/pimcore - dev-document_link_marshal;pimcore/pimcore - dev-ecommerce-deprecate-es6;pimcore/pimcore - dev-grid-view-empty-select;pimcore/pimcore - dev-6.8_notices;pimcore/pimcore - dev-codeception5_support;pimcore/pimcore - dev-removed-mysql-5.7;pimcore/pimcore - dev-update-symfony-dependencies-6-4;pimcore/pimcore - 6.8.x-dev;pimcore/pimcore - dev-load-yaml-files;pimcore/pimcore - dev-extjs7_X;pimcore/pimcore - dev-alias;pimcore/pimcore - dev-panel-layout-getLayout-getter;pimcore/pimcore - v5.7.1;pimcore/pimcore - dev-optimize-custom-reports-filters;pimcore/pimcore - dev-common-search-interface;pimcore/pimcore - dev-docs-document-preview-thumb;hirakch/pimcore - v5.0.1;hirakch/pimcore - v6.6.8;hirakch/pimcore - v6.8.7;hirakch/pimcore - v5.3.0;hirakch/pimcore - v5.4.4;hirakch/pimcore - v6.2.3;hirakch/pimcore - v6.4.2;hirakch/pimcore - v6.2.1;hirakch/pimcore - v5.0.4;hirakch/pimcore - v5.6.6;hirakch/pimcore - v5.6.2;hirakch/pimcore - v6.8.0;hirakch/pimcore - v6.3.6;hirakch/pimcore - v6.5.1;cxc222/pimcore - dev-report-permissions;cxc222/pimcore - 5.6.1;cxc222/pimcore - no_fix;cxc222/pimcore - 2.2.0;cxc222/pimcore - v5.0.2;cxc222/pimcore - v5.0.0;hagith/pimcore-boilerplate - 1.4.10;hagith/pimcore-boilerplate - no_fix;hagith/pimcore-boilerplate - dev-plugins;kudeepak/pimcore - no_fix;kudeepak/pimcore - dev-master;kudeepak/pimcore - 2.2.0;kudeepak/pimcore - dev-patch-1;youwe/pimcore-stable - dev-pimcore4;youwe/pimcore-stable - no_fix

Learn More

CVSS v3.1

Base Score:
Attack Vector (AV): NETWORK
Attack Complexity (AC): LOW
Privileges Required (PR): LOW
User Interaction (UI): NONE
Scope (S): UNCHANGED
Confidentiality (C): HIGH
Integrity (I): LOW
Availability (A): NONE

CVSS v2

Base Score:
Access Vector (AV): NETWORK
Access Complexity (AC): LOW
Authentication (AU): SINGLE
Confidentiality (C): PARTIAL
Integrity (I): PARTIAL
Availability (A): NONE
Additional information:

Do you need more information?

Contact Us