How severe is CVE-2021-39181?

This vulnerability has a severity rating of HIGH with a CVSS score of 8.8 out of 10.

What type of vulnerability is CVE-2021-39181?

This is classified as CWE-91, which is a common weakness in software security.

CVE-2021-39181 - HIGH Severity | CVSS 8.8

Vulnerability Description

OpenOlat is a web-based learning management system (LMS). Prior to version 15.3.18, 15.5.3, and 16.0.0, using a prepared import XML file (e.g. a course) any class on the Java classpath can be instantiated, including spring AOP bean factories. This can be used to execute code arbitrary code by the attacker. The attack requires an OpenOlat user account with the authoring role. It can not be exploited by unregistered users. The problem is fixed in versions 15.3.18, 15.5.3, and 16.0.0. There are no known workarounds aside from upgrading.

Related Vulnerabilities

CVE-2018-16785

HIGH

CVSS:8.8(High)

XML injection vulnerability exists in the file of DedeCMS V5.7 SP2 version, which can be utilized by attackers to create script file to obtain webshell

CWE-912018

CVE-2018-19277

HIGH

CVSS:8.8(High)

securityScan() in PHPOffice PhpSpreadsheet through 1.5.0 allows a bypass of protection mechanisms for XXE via UTF-7 encoding in a .xlsx file

CWE-912018

CVE-2018-2477

HIGH

CVSS:8.8(High)

Knowledge Management (XMLForms) in SAP NetWeaver, versions 7.30, 7.31, 7.40 and 7.50 does not sufficiently validate an XML document accepted from an untrusted source.

CWE-912018

CVE-2019-17323

HIGH

CVSS:8.8(High)

ClipSoft REXPERT 1.0.0.527 and earlier version allows arbitrary file creation and execution via report print function of rexpert viewer with modified XML document. User interaction is required to expl...

CWE-912019

CVE-2021-2322

HIGH

CVSS:8.8(High)

Vulnerability in OpenGrok (component: Web App). Versions that are affected are 1.6.7 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via HTTPS to comprom...

CWE-912021

CVE-2021-36359

HIGH

CVSS:8.8(High)

OrbiTeam BSCW Classic before 7.4.3 allows exportpdf authenticated remote code execution (RCE) via XML tag injection because reportlab\platypus\paraparser.py (reached via bscw.cgi op=_editfolder.EditFo...

CWE-912021