CVE-2021-21445 - OpenCVE

SAP Commerce Cloud, versions - 1808, 1811, 1905, 2005, 2011, allows an authenticated attacker to include invalidated data in the HTTP response Content Type header, due to improper input validation, and sent to a Web user. A successful exploitation of this vulnerability may lead to advanced attacks, including cross-site scripting and page hijacking.

No CVSS v4.0

Attack Vector Network

Attack Complexity Low

Privileges Required Low

Scope Changed

Confidentiality Impact Low

Integrity Impact Low

Availability Impact None

User Interaction Required

Attack Vector Network

Attack Complexity Low

Privileges Required Low

Scope Changed

Confidentiality Impact Low

Integrity Impact Low

Availability Impact None

User Interaction Required

Access Vector Network

Access Complexity Medium

Authentication Single

Confidentiality Impact None

Integrity Impact Partial

Availability Impact None

AV:N/AC:M/Au:S/C:N/I:P/A:N

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Sap	Commerce Cloud

Configuration 1 [-]

OR	cpe:2.3:a:sap:commerce_cloud:1808:::::::*
	cpe:2.3:a:sap:commerce_cloud:1811:::::::*
	cpe:2.3:a:sap:commerce_cloud:1905:::::::*
	cpe:2.3:a:sap:commerce_cloud:2005:::::::*
	cpe:2.3:a:sap:commerce_cloud:2011:::::::*

No data.

References

Link	Providers
https://launchpad.support.sap.com/#/notes/2984034
https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=564760476

History

No history.

MITRE

Status: PUBLISHED

Assigner: sap

Published: 2021-01-12T14:42:03

Updated: 2024-08-03T18:16:22.329Z

Reserved: 2020-12-30T00:00:00

Link: CVE-2021-21445

Vulnrichment

No data.

NVD

Status : Analyzed

Published: 2021-01-12T15:15:14.360

Modified: 2021-03-04T20:11:50.297

Link: CVE-2021-21445

Redhat

No data.

{"containers": {"cna": {"affected": [{"product": "SAP Commerce Cloud", "vendor": "SAP SE", "versions": [{"status": "affected", "version": "< 1808"}, {"status": "affected", "version": "< 1811"}, {"status": "affected", "version": "< 1905"}, {"status": "affected", "version": "< 2005"}, {"status": "affected", "version": "< 2011"}]}], "descriptions": [{"lang": "en", "value": "SAP Commerce Cloud, versions - 1808, 1811, 1905, 2005, 2011, allows an authenticated attacker to include invalidated data in the HTTP response Content Type header, due to improper input validation, and sent to a Web user. A successful exploitation of this vulnerability may lead to advanced attacks, including cross-site scripting and page hijacking."}], "metrics": [{"cvssV3_0": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.4, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", "version": "3.0"}}], "problemTypes": [{"descriptions": [{"description": "Header Manipulation", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2021-02-11T20:21:45", "orgId": "e4686d1a-f260-4930-ac4c-2f5c992778dd", "shortName": "sap"}, "references": [{"tags": ["x_refsource_MISC"], "url": "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=564760476"}, {"tags": ["x_refsource_MISC"], "url": "https://launchpad.support.sap.com/#/notes/2984034"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cna@sap.com", "ID": "CVE-2021-21445", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "SAP Commerce Cloud", "version": {"version_data": [{"version_name": "<", "version_value": "1808"}, {"version_name": "<", "version_value": "1811"}, {"version_name": "<", "version_value": "1905"}, {"version_name": "<", "version_value": "2005"}, {"version_name": "<", "version_value": "2011"}]}}]}, "vendor_name": "SAP SE"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "SAP Commerce Cloud, versions - 1808, 1811, 1905, 2005, 2011, allows an authenticated attacker to include invalidated data in the HTTP response Content Type header, due to improper input validation, and sent to a Web user. A successful exploitation of this vulnerability may lead to advanced attacks, including cross-site scripting and page hijacking."}]}, "impact": {"cvss": {"baseScore": "5.4", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", "version": "3.0"}}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "Header Manipulation"}]}]}, "references": {"reference_data": [{"name": "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=564760476", "refsource": "MISC", "url": "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=564760476"}, {"name": "https://launchpad.support.sap.com/#/notes/2984034", "refsource": "MISC", "url": "https://launchpad.support.sap.com/#/notes/2984034"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-03T18:16:22.329Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=564760476"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://launchpad.support.sap.com/#/notes/2984034"}]}]}, "cveMetadata": {"assignerOrgId": "e4686d1a-f260-4930-ac4c-2f5c992778dd", "assignerShortName": "sap", "cveId": "CVE-2021-21445", "datePublished": "2021-01-12T14:42:03", "dateReserved": "2020-12-30T00:00:00", "dateUpdated": "2024-08-03T18:16:22.329Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:sap:commerce_cloud:1808:*:*:*:*:*:*:*", "matchCriteriaId": "5649AB0A-1D84-4716-A178-F196A1DA9C1A", "vulnerable": true}, {"criteria": "cpe:2.3:a:sap:commerce_cloud:1811:*:*:*:*:*:*:*", "matchCriteriaId": "A9DE60D1-95FF-4220-AE63-2C351781FDA1", "vulnerable": true}, {"criteria": "cpe:2.3:a:sap:commerce_cloud:1905:*:*:*:*:*:*:*", "matchCriteriaId": "19E11B22-F514-48D6-B78F-8A64CE1BA364", "vulnerable": true}, {"criteria": "cpe:2.3:a:sap:commerce_cloud:2005:*:*:*:*:*:*:*", "matchCriteriaId": "DA3BA250-AB0A-4A27-A81C-C3EECD71B521", "vulnerable": true}, {"criteria": "cpe:2.3:a:sap:commerce_cloud:2011:*:*:*:*:*:*:*", "matchCriteriaId": "41BF14BC-9250-4534-AD6D-2C25B64AA78F", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "SAP Commerce Cloud, versions - 1808, 1811, 1905, 2005, 2011, allows an authenticated attacker to include invalidated data in the HTTP response Content Type header, due to improper input validation, and sent to a Web user. A successful exploitation of this vulnerability may lead to advanced attacks, including cross-site scripting and page hijacking."}, {"lang": "es", "value": "SAP Commerce Cloud, versiones - 1808, 1811, 1905, 2005, 2011, permite a un atacante autenticado incluir datos invalidados en el encabezado Content Type de la respuesta HTTP, debido a una comprobaci\u00f3n de entrada inapropiada, y se env\u00eda a un usuario Web. Una explotaci\u00f3n con \u00e9xito de esta vulnerabilidad puede conllevar a ataques avanzados, incluyendo cross-site scripting y secuestro de p\u00e1ginas"}], "id": "CVE-2021-21445", "lastModified": "2021-03-04T20:11:50.297", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "LOW", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "SINGLE", "availabilityImpact": "NONE", "baseScore": 3.5, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:S/C:N/I:P/A:N", "version": "2.0"}, "exploitabilityScore": 6.8, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true}], "cvssMetricV30": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.4, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", "version": "3.0"}, "exploitabilityScore": 2.3, "impactScore": 2.7, "source": "cna@sap.com", "type": "Secondary"}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.4, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", "version": "3.1"}, "exploitabilityScore": 2.3, "impactScore": 2.7, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2021-01-12T15:15:14.360", "references": [{"source": "cna@sap.com", "tags": ["Permissions Required"], "url": "https://launchpad.support.sap.com/#/notes/2984034"}, {"source": "cna@sap.com", "tags": ["Vendor Advisory"], "url": "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=564760476"}], "sourceIdentifier": "cna@sap.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-444"}], "source": "nvd@nist.gov", "type": "Primary"}]}