CVE-2021-25962 - Vulnerability Details - OpenCVE

“Shuup” application in versions 0.4.2 to 2.10.8 is affected by the “Formula Injection” vulnerability. A customer can inject payloads in the name input field in the billing address while buying a product. When a store administrator accesses the reports page to export the data as an Excel file and opens it, the payload gets executed.

No CVSS v4.0

Attack Vector Network

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction Required

No CVSS v3.0

Access Vector Network

Access Complexity Medium

Authentication None

Confidentiality Impact Partial

Integrity Impact Partial

Availability Impact Partial

This CVE is not in the KEV list.

The EPSS score is 0.00432.

Key SSVC decision points have not yet been added.

Vendors	Products
Shuup	Shuup

Configuration 1 [-]

cpe:2.3:a:shuup:shuup:*:*:*:*:*:*:*:*

No data.

No data.

Fixes

Solution

Update to 2.11.0

Workaround

No workaround given by the vendor.

References

Link	Providers
https://github.com/shuup/shuup/commit/0a2db392e8518410c282412561461cd8797eea51
https://www.whitesourcesoftware.com/vulnerability-database/CVE-2021-25962

History

No history.

MITRE

Status: PUBLISHED

Assigner: Mend

Published: 2021-09-29T13:55:10.208119Z

Updated: 2024-09-17T02:11:12.333Z

Reserved: 2021-01-22T00:00:00

Link: CVE-2021-25962

Vulnrichment

No data.

NVD

Status : Modified

Published: 2021-09-29T14:15:08.070

Modified: 2024-11-21T05:55:41.060

Link: CVE-2021-25962

Redhat

No data.

OpenCVE Enrichment

No data.

{"containers": {"cna": {"affected": [{"product": "shuup", "vendor": "shuup", "versions": [{"lessThan": "*", "status": "affected", "version": "0.4.2", "versionType": "custom"}]}], "datePublic": "2021-09-25T00:00:00", "descriptions": [{"lang": "en", "value": "\u201cShuup\u201d application in versions 0.4.2 to 2.10.8 is affected by the \u201cFormula Injection\u201d vulnerability. A customer can inject payloads in the name input field in the billing address while buying a product. When a store administrator accesses the reports page to export the data as an Excel file and opens it, the payload gets executed."}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H", "version": "3.1"}}], "problemTypes": [{"descriptions": [{"cweId": "CWE-1236", "description": "CWE-1236", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"dateUpdated": "2021-09-29T13:55:10", "orgId": "478c68dd-22c1-4a41-97cd-654224dfacff", "shortName": "Mend"}, "references": [{"tags": ["x_refsource_MISC"], "url": "https://www.whitesourcesoftware.com/vulnerability-database/CVE-2021-25962"}, {"tags": ["x_refsource_MISC"], "url": "https://github.com/shuup/shuup/commit/0a2db392e8518410c282412561461cd8797eea51"}], "solutions": [{"lang": "en", "value": "Update to 2.11.0"}], "source": {"advisory": "https://www.whitesourcesoftware.com/vulnerability-database/", "discovery": "UNKNOWN"}, "title": "Shuup - Formula Injection in Checkout Addresses", "x_generator": {"engine": "Vulnogram 0.0.9"}, "x_legacyV4Record": {"CVE_data_meta": {"AKA": "", "ASSIGNER": "vulnerabilitylab@whitesourcesoftware.com", "DATE_PUBLIC": "2021-09-25T12:08:00.000Z", "ID": "CVE-2021-25962", "STATE": "PUBLIC", "TITLE": "Shuup - Formula Injection in Checkout Addresses"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "shuup", "version": {"version_data": [{"platform": "", "version_affected": ">=", "version_name": "", "version_value": "0.4.2"}, {"platform": "", "version_affected": "<=", "version_name": "", "version_value": "2.10.8 +1"}]}}]}, "vendor_name": "shuup"}]}}, "configuration": [], "credit": [], "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "\u201cShuup\u201d application in versions 0.4.2 to 2.10.8 is affected by the \u201cFormula Injection\u201d vulnerability. A customer can inject payloads in the name input field in the billing address while buying a product. When a store administrator accesses the reports page to export the data as an Excel file and opens it, the payload gets executed."}]}, "exploit": [], "generator": {"engine": "Vulnogram 0.0.9"}, "impact": {"cvss": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H", "version": "3.1"}}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "CWE-1236"}]}]}, "references": {"reference_data": [{"name": "https://www.whitesourcesoftware.com/vulnerability-database/CVE-2021-25962", "refsource": "MISC", "url": "https://www.whitesourcesoftware.com/vulnerability-database/CVE-2021-25962"}, {"name": "https://github.com/shuup/shuup/commit/0a2db392e8518410c282412561461cd8797eea51", "refsource": "MISC", "url": "https://github.com/shuup/shuup/commit/0a2db392e8518410c282412561461cd8797eea51"}]}, "solution": [{"lang": "en", "value": "Update to 2.11.0"}], "source": {"advisory": "https://www.whitesourcesoftware.com/vulnerability-database/", "defect": [], "discovery": "UNKNOWN"}, "work_around": []}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-03T20:19:19.043Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://www.whitesourcesoftware.com/vulnerability-database/CVE-2021-25962"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://github.com/shuup/shuup/commit/0a2db392e8518410c282412561461cd8797eea51"}]}]}, "cveMetadata": {"assignerOrgId": "478c68dd-22c1-4a41-97cd-654224dfacff", "assignerShortName": "Mend", "cveId": "CVE-2021-25962", "datePublished": "2021-09-29T13:55:10.208119Z", "dateReserved": "2021-01-22T00:00:00", "dateUpdated": "2024-09-17T02:11:12.333Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:shuup:shuup:*:*:*:*:*:*:*:*", "matchCriteriaId": "A567FB15-5A66-4FD9-A3FE-1C25B31CAA55", "versionEndExcluding": "2.11.0", "versionStartIncluding": "0.4.2", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "\u201cShuup\u201d application in versions 0.4.2 to 2.10.8 is affected by the \u201cFormula Injection\u201d vulnerability. A customer can inject payloads in the name input field in the billing address while buying a product. When a store administrator accesses the reports page to export the data as an Excel file and opens it, the payload gets executed."}, {"lang": "es", "value": "La aplicaci\u00f3n \"Shuup\" en versiones 0.4.2 a 2.10.8, est\u00e1 afectada por una vulnerabilidad \"Formula Injection\". Un cliente puede inyectar cargas \u00fatiles en el campo name input en la direcci\u00f3n de facturaci\u00f3n mientras compra un producto. Cuando un administrador de la tienda accede a la p\u00e1gina de informes para exportar los datos como un archivo de Excel y lo abre, la carga \u00fatil es ejecutada\n"}], "id": "CVE-2021-25962", "lastModified": "2024-11-21T05:55:41.060", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 8.6, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.0, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 2.1, "impactScore": 5.9, "source": "vulnerabilitylab@mend.io", "type": "Secondary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2021-09-29T14:15:08.070", "references": [{"source": "vulnerabilitylab@mend.io", "tags": ["Patch", "Third Party Advisory"], "url": "https://github.com/shuup/shuup/commit/0a2db392e8518410c282412561461cd8797eea51"}, {"source": "vulnerabilitylab@mend.io", "tags": ["Third Party Advisory"], "url": "https://www.whitesourcesoftware.com/vulnerability-database/CVE-2021-25962"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch", "Third Party Advisory"], "url": "https://github.com/shuup/shuup/commit/0a2db392e8518410c282412561461cd8797eea51"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "https://www.whitesourcesoftware.com/vulnerability-database/CVE-2021-25962"}], "sourceIdentifier": "vulnerabilitylab@mend.io", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-1236"}], "source": "vulnerabilitylab@mend.io", "type": "Secondary"}, {"description": [{"lang": "en", "value": "CWE-1236"}], "source": "nvd@nist.gov", "type": "Primary"}]}