CVE-2021-35968 - OpenCVE

The directory list page parameter of the Orca HCM digital learning platform fails to filter special characters properly. Remote attackers can access the system directory thru Path Traversal with users’ privileges.

No CVSS v4.0

Attack Vector Network

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact Low

Integrity Impact None

Availability Impact None

User Interaction None

No CVSS v3.0

Access Vector Network

Access Complexity Low

Authentication Single

Confidentiality Impact Partial

Integrity Impact None

Availability Impact None

AV:N/AC:L/Au:S/C:P/I:N/A:N

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Learningdigital	Orca Hcm

Configuration 1 [-]

cpe:2.3:a:learningdigital:orca_hcm:*:*:*:*:*:*:*:*

No data.

References

Link	Providers
https://www.chtsecurity.com/news/ba7b3ae7-14f3-4970-b3f6-4d97d8c7ea25
https://www.twcert.org.tw/tw/cp-132-4928-7e87b-1.html

History

No history.

MITRE

Status: PUBLISHED

Assigner: twcert

Published: 2021-07-19T11:55:47.851205Z

Updated: 2024-09-17T01:01:11.960Z

Reserved: 2021-06-30T00:00:00

Link: CVE-2021-35968

Vulnrichment

No data.

NVD

Status : Analyzed

Published: 2021-07-19T12:15:08.727

Modified: 2021-07-29T13:52:29.287

Link: CVE-2021-35968

Redhat

No data.

{"containers": {"cna": {"affected": [{"product": "Orca HCM", "vendor": "Learningdigital.com, Inc.", "versions": [{"lessThanOrEqual": "10.0", "status": "affected", "version": "unspecified", "versionType": "custom"}]}], "datePublic": "2021-07-19T00:00:00", "descriptions": [{"lang": "en", "value": "The directory list page parameter of the Orca HCM digital learning platform fails to filter special characters properly. Remote attackers can access the system directory thru Path Traversal with users\u2019 privileges."}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 4.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N", "version": "3.1"}}], "problemTypes": [{"descriptions": [{"cweId": "CWE-22", "description": "CWE-22 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"dateUpdated": "2021-07-19T11:55:47", "orgId": "cded6c7f-6ce5-4948-8f87-aa7a3bbb6b0e", "shortName": "twcert"}, "references": [{"tags": ["x_refsource_MISC"], "url": "https://www.chtsecurity.com/news/ba7b3ae7-14f3-4970-b3f6-4d97d8c7ea25"}, {"tags": ["x_refsource_MISC"], "url": "https://www.twcert.org.tw/tw/cp-132-4928-7e87b-1.html"}], "solutions": [{"lang": "en", "value": "Update Orca HCM to version 10.9"}], "source": {"advisory": "TVN-202107009", "discovery": "EXTERNAL"}, "title": "Learningdigital.com, Inc. Orca HCM - Path Traversal-2", "x_generator": {"engine": "Vulnogram 0.0.9"}, "x_legacyV4Record": {"CVE_data_meta": {"AKA": "TWCERT/CC", "ASSIGNER": "cve@cert.org.tw", "DATE_PUBLIC": "2021-07-19T11:36:00.000Z", "ID": "CVE-2021-35968", "STATE": "PUBLIC", "TITLE": "Learningdigital.com, Inc. Orca HCM - Path Traversal-2"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "Orca HCM", "version": {"version_data": [{"version_affected": "<=", "version_value": "10.0"}]}}]}, "vendor_name": "Learningdigital.com, Inc."}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "The directory list page parameter of the Orca HCM digital learning platform fails to filter special characters properly. Remote attackers can access the system directory thru Path Traversal with users\u2019 privileges."}]}, "generator": {"engine": "Vulnogram 0.0.9"}, "impact": {"cvss": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 4.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N", "version": "3.1"}}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "CWE-22 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')"}]}]}, "references": {"reference_data": [{"name": "https://www.chtsecurity.com/news/ba7b3ae7-14f3-4970-b3f6-4d97d8c7ea25", "refsource": "MISC", "url": "https://www.chtsecurity.com/news/ba7b3ae7-14f3-4970-b3f6-4d97d8c7ea25"}, {"name": "https://www.twcert.org.tw/tw/cp-132-4928-7e87b-1.html", "refsource": "MISC", "url": "https://www.twcert.org.tw/tw/cp-132-4928-7e87b-1.html"}]}, "solution": [{"lang": "en", "value": "Update Orca HCM to version 10.9"}], "source": {"advisory": "TVN-202107009", "discovery": "EXTERNAL"}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-04T00:47:42.584Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://www.chtsecurity.com/news/ba7b3ae7-14f3-4970-b3f6-4d97d8c7ea25"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://www.twcert.org.tw/tw/cp-132-4928-7e87b-1.html"}]}]}, "cveMetadata": {"assignerOrgId": "cded6c7f-6ce5-4948-8f87-aa7a3bbb6b0e", "assignerShortName": "twcert", "cveId": "CVE-2021-35968", "datePublished": "2021-07-19T11:55:47.851205Z", "dateReserved": "2021-06-30T00:00:00", "dateUpdated": "2024-09-17T01:01:11.960Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:learningdigital:orca_hcm:*:*:*:*:*:*:*:*", "matchCriteriaId": "5DD0FF13-4AF2-4BE9-AA93-428611BF30CE", "versionEndIncluding": "10.0", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "The directory list page parameter of the Orca HCM digital learning platform fails to filter special characters properly. Remote attackers can access the system directory thru Path Traversal with users\u2019 privileges."}, {"lang": "es", "value": "El par\u00e1metro directory list page de la plataforma de aprendizaje digital Orca HCM no filtra correctamente los caracteres especiales. Unos atacantes remotos pueden acceder al directorio del sistema a trav\u00e9s de Salto de Ruta con privilegios de usuario"}], "id": "CVE-2021-35968", "lastModified": "2021-07-29T13:52:29.287", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "SINGLE", "availabilityImpact": "NONE", "baseScore": 4.0, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:S/C:P/I:N/A:N", "version": "2.0"}, "exploitabilityScore": 8.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 4.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 1.4, "source": "twcert@cert.org.tw", "type": "Primary"}]}, "published": "2021-07-19T12:15:08.727", "references": [{"source": "twcert@cert.org.tw", "tags": ["Not Applicable"], "url": "https://www.chtsecurity.com/news/ba7b3ae7-14f3-4970-b3f6-4d97d8c7ea25"}, {"source": "twcert@cert.org.tw", "tags": ["Third Party Advisory"], "url": "https://www.twcert.org.tw/tw/cp-132-4928-7e87b-1.html"}], "sourceIdentifier": "twcert@cert.org.tw", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-22"}], "source": "twcert@cert.org.tw", "type": "Primary"}]}