{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"state": "PUBLISHED", "cveId": "CVE-2021-34427", "assignerOrgId": "e51fbebd-6053-4e49-959f-1b94eeb69a2c", "assignerShortName": "eclipse", "dateUpdated": "2024-08-04T00:12:50.360Z", "dateReserved": "2021-06-09T00:00:00", "datePublished": "2021-06-25T00:00:00"}, "containers": {"cna": {"providerMetadata": {"orgId": "e51fbebd-6053-4e49-959f-1b94eeb69a2c", "shortName": "eclipse", "dateUpdated": "2022-12-22T00:00:00"}, "descriptions": [{"lang": "en", "value": "In Eclipse BIRT versions 4.8.0 and earlier, an attacker can use query parameters to create a JSP file which is accessible from remote (current BIRT viewer dir) to inject JSP code into the running instance."}], "affected": [{"vendor": "The Eclipse Foundation", "product": "Eclipse BIRT", "versions": [{"version": "unspecified", "lessThanOrEqual": "4.8.0", "status": "affected", "versionType": "custom"}]}], "references": [{"url": "https://bugs.eclipse.org/bugs/show_bug.cgi?id=538142"}, {"name": "20221220 SEC Consult SA-20221216-0 :: Remote code execution bypass in Eclipse Business Intelligence Reporting Tool (BiRT)", "tags": ["mailing-list"], "url": "http://seclists.org/fulldisclosure/2022/Dec/30"}, {"url": "http://packetstormsecurity.com/files/170326/Eclipse-Business-Intelligence-Reporting-Tool-4.11.0-Remote-Code-Execution.html"}], "problemTypes": [{"descriptions": [{"type": "CWE", "lang": "en", "description": "CWE-20: Improper Input Validation", "cweId": "CWE-20"}]}]}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-04T00:12:50.360Z"}, "title": "CVE Program Container", "references": [{"url": "https://bugs.eclipse.org/bugs/show_bug.cgi?id=538142", "tags": ["x_transferred"]}, {"name": "20221220 SEC Consult SA-20221216-0 :: Remote code execution bypass in Eclipse Business Intelligence Reporting Tool (BiRT)", "tags": ["mailing-list", "x_transferred"], "url": "http://seclists.org/fulldisclosure/2022/Dec/30"}, {"url": "http://packetstormsecurity.com/files/170326/Eclipse-Business-Intelligence-Reporting-Tool-4.11.0-Remote-Code-Execution.html", "tags": ["x_transferred"]}]}]}}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:eclipse:business_intelligence_and_reporting_tools:*:*:*:*:*:*:*:*", "matchCriteriaId": "03251DD9-16B0-480D-8AC7-2682D377D43F", "versionEndIncluding": "4.8.0", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "In Eclipse BIRT versions 4.8.0 and earlier, an attacker can use query parameters to create a JSP file which is accessible from remote (current BIRT viewer dir) to inject JSP code into the running instance."}, {"lang": "es", "value": "En Eclipse BIRT versiones 4.8.0 y anteriores, un atacante puede usar par\u00e1metros de consulta para crear un archivo JSP que sea accesible desde el remoto (directorio del visor BIRT actual) para inyectar c\u00f3digo JSP en la instancia en ejecuci\u00f3n"}], "id": "CVE-2021-34427", "lastModified": "2024-11-21T06:10:23.087", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 7.5, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2021-06-25T19:15:09.880", "references": [{"source": "emo@eclipse.org", "tags": ["Exploit", "Third Party Advisory"], "url": "http://packetstormsecurity.com/files/170326/Eclipse-Business-Intelligence-Reporting-Tool-4.11.0-Remote-Code-Execution.html"}, {"source": "emo@eclipse.org", "tags": ["Exploit", "Mailing List", "Third Party Advisory"], "url": "http://seclists.org/fulldisclosure/2022/Dec/30"}, {"source": "emo@eclipse.org", "tags": ["Exploit", "Issue Tracking", "Patch", "Vendor Advisory"], "url": "https://bugs.eclipse.org/bugs/show_bug.cgi?id=538142"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Exploit", "Third Party Advisory"], "url": "http://packetstormsecurity.com/files/170326/Eclipse-Business-Intelligence-Reporting-Tool-4.11.0-Remote-Code-Execution.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Exploit", "Mailing List", "Third Party Advisory"], "url": "http://seclists.org/fulldisclosure/2022/Dec/30"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Exploit", "Issue Tracking", "Patch", "Vendor Advisory"], "url": "https://bugs.eclipse.org/bugs/show_bug.cgi?id=538142"}], "sourceIdentifier": "emo@eclipse.org", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-20"}], "source": "emo@eclipse.org", "type": "Secondary"}, {"description": [{"lang": "en", "value": "CWE-434"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{"bugzilla": {"description": "eclipse-birt: an attacker can use query parameters to create a JSP file and inject JSP code into the running instance", "id": "1977028", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1977028"}, "csaw": false, "cvss3": {"cvss3_base_score": "8.8", "cvss3_scoring_vector": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "status": "draft"}, "cwe": "CWE-20", "details": ["In Eclipse BIRT versions 4.8.0 and earlier, an attacker can use query parameters to create a JSP file which is accessible from remote (current BIRT viewer dir) to inject JSP code into the running instance.", "A flaw was found in eclipse-birt. An attacker can use query parameters to create a JSP file which is accessible from remote (current BIRT viewer dir) to inject JSP code into the running instance. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability."], "name": "CVE-2021-34427", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Not affected", "package_name": "eclipse-birt", "product_name": "Red Hat Enterprise Linux 6"}], "public_date": "2018-08-22T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2021-34427\nhttps://nvd.nist.gov/vuln/detail/CVE-2021-34427"], "statement": "This flaw does not affect eclipse-birt as shipped with Red Hat Enterprise Linux 6 because the vulnerable component of birt is not shipped; the shipped package does not contain the affected viewer component.", "threat_severity": "Important"}