{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2021-36036", "assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538", "state": "PUBLISHED", "assignerShortName": "adobe", "dateReserved": "2021-06-30T18:34:04.865Z", "datePublished": "2023-09-06T13:08:11.318Z", "dateUpdated": "2025-02-27T21:00:40.727Z"}, "containers": {"cna": {"affected": [{"defaultStatus": "affected", "product": "Adobe Commerce", "vendor": "Adobe", "versions": [{"lessThanOrEqual": "2.3.7", "status": "affected", "version": "0", "versionType": "semver"}]}], "datePublic": "2021-08-10T17:00:00.000Z", "descriptions": [{"lang": "en", "value": "Magento versions 2.4.2 (and earlier), 2.4.2-p1 (and earlier) and 2.3.7 (and earlier) are affected by an improper access control vulnerability within Magento's Media Gallery Upload workflow. By storing a specially crafted file in the website gallery, an authenticated attacker with administrative privilege can gain access to delete the .htaccess file. This could result in the attacker achieving remote code execution."}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "availabilityRequirement": "NOT_DEFINED", "baseScore": 7.2, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "confidentialityRequirement": "NOT_DEFINED", "environmentalScore": 7.2, "environmentalSeverity": "HIGH", "exploitCodeMaturity": "NOT_DEFINED", "integrityImpact": "HIGH", "integrityRequirement": "NOT_DEFINED", "modifiedAttackComplexity": "LOW", "modifiedAttackVector": "NETWORK", "modifiedAvailabilityImpact": "HIGH", "modifiedConfidentialityImpact": "HIGH", "modifiedIntegrityImpact": "HIGH", "modifiedPrivilegesRequired": "HIGH", "modifiedScope": "NOT_DEFINED", "modifiedUserInteraction": "NONE", "privilegesRequired": "HIGH", "remediationLevel": "NOT_DEFINED", "reportConfidence": "NOT_DEFINED", "scope": "UNCHANGED", "temporalScore": 7.2, "temporalSeverity": "HIGH", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "problemTypes": [{"descriptions": [{"cweId": "CWE-284", "description": "Improper Access Control (CWE-284)", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"orgId": "078d4453-3bcd-4900-85e6-15281da43538", "shortName": "adobe", "dateUpdated": "2023-09-14T12:15:42.779Z"}, "references": [{"tags": ["vendor-advisory"], "url": "https://helpx.adobe.com/security/products/magento/apsb21-64.html"}], "source": {"discovery": "EXTERNAL"}, "title": "Magento Commerce Media Gallery Upload Improper Access Control Could Lead To Remote Code Execution"}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-04T00:47:43.336Z"}, "title": "CVE Program Container", "references": [{"tags": ["vendor-advisory", "x_transferred"], "url": "https://helpx.adobe.com/security/products/magento/apsb21-64.html"}]}, {"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2025-02-26T21:52:37.519606Z", "id": "CVE-2021-36036", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-02-27T21:00:40.727Z"}}]}}

{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2021-36036", "assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538", "state": "PUBLISHED", "assignerShortName": "adobe", "dateReserved": "2021-06-30T18:34:04.865Z", "datePublished": "2023-09-06T13:08:11.318Z", "dateUpdated": "2025-02-27T21:00:40.727Z"}, "containers": {"cna": {"affected": [{"defaultStatus": "affected", "product": "Adobe Commerce", "vendor": "Adobe", "versions": [{"lessThanOrEqual": "2.3.7", "status": "affected", "version": "0", "versionType": "semver"}]}], "datePublic": "2021-08-10T17:00:00.000Z", "descriptions": [{"lang": "en", "value": "Magento versions 2.4.2 (and earlier), 2.4.2-p1 (and earlier) and 2.3.7 (and earlier) are affected by an improper access control vulnerability within Magento's Media Gallery Upload workflow. By storing a specially crafted file in the website gallery, an authenticated attacker with administrative privilege can gain access to delete the .htaccess file. This could result in the attacker achieving remote code execution."}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "availabilityRequirement": "NOT_DEFINED", "baseScore": 7.2, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "confidentialityRequirement": "NOT_DEFINED", "environmentalScore": 7.2, "environmentalSeverity": "HIGH", "exploitCodeMaturity": "NOT_DEFINED", "integrityImpact": "HIGH", "integrityRequirement": "NOT_DEFINED", "modifiedAttackComplexity": "LOW", "modifiedAttackVector": "NETWORK", "modifiedAvailabilityImpact": "HIGH", "modifiedConfidentialityImpact": "HIGH", "modifiedIntegrityImpact": "HIGH", "modifiedPrivilegesRequired": "HIGH", "modifiedScope": "NOT_DEFINED", "modifiedUserInteraction": "NONE", "privilegesRequired": "HIGH", "remediationLevel": "NOT_DEFINED", "reportConfidence": "NOT_DEFINED", "scope": "UNCHANGED", "temporalScore": 7.2, "temporalSeverity": "HIGH", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "problemTypes": [{"descriptions": [{"cweId": "CWE-284", "description": "Improper Access Control (CWE-284)", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"orgId": "078d4453-3bcd-4900-85e6-15281da43538", "shortName": "adobe", "dateUpdated": "2023-09-14T12:15:42.779Z"}, "references": [{"tags": ["vendor-advisory"], "url": "https://helpx.adobe.com/security/products/magento/apsb21-64.html"}], "source": {"discovery": "EXTERNAL"}, "title": "Magento Commerce Media Gallery Upload Improper Access Control Could Lead To Remote Code Execution"}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-04T00:47:43.336Z"}, "title": "CVE Program Container", "references": [{"tags": ["vendor-advisory", "x_transferred"], "url": "https://helpx.adobe.com/security/products/magento/apsb21-64.html"}]}, {"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2021-36036", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2025-02-26T21:52:37.519606Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-02-26T20:38:25.324Z"}}]}}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:magento:magento:*:*:*:*:commerce:*:*:*", "matchCriteriaId": "727FB993-9F35-40EA-BF41-E4757F21C5FE", "versionEndExcluding": "2.3.7", "vulnerable": true}, {"criteria": "cpe:2.3:a:magento:magento:*:*:*:*:open_source:*:*:*", "matchCriteriaId": "9DF037A1-026B-4083-97FB-13578A56326C", "versionEndExcluding": "2.3.7", "vulnerable": true}, {"criteria": "cpe:2.3:a:magento:magento:*:*:*:*:commerce:*:*:*", "matchCriteriaId": "FEBAEE65-BE3C-45B8-A321-F24F90495906", "versionEndExcluding": "2.4.2", "versionStartIncluding": "2.4.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:magento:magento:*:*:*:*:open_source:*:*:*", "matchCriteriaId": "6A81A9D5-8570-430F-AD20-BEBEC3151865", "versionEndExcluding": "2.4.2", "versionStartIncluding": "2.4.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:magento:magento:2.3.7:-:*:*:commerce:*:*:*", "matchCriteriaId": "F124A6F4-E3B3-4065-970D-963BAAAD59CB", "vulnerable": true}, {"criteria": "cpe:2.3:a:magento:magento:2.3.7:-:*:*:open_source:*:*:*", "matchCriteriaId": "4F1E5426-A646-4EC1-902A-FD30B00AD1AA", "vulnerable": true}, {"criteria": "cpe:2.3:a:magento:magento:2.4.2:-:*:*:commerce:*:*:*", "matchCriteriaId": "58C98B8D-6E7B-44FA-8C73-D2AA1DC0A074", "vulnerable": true}, {"criteria": "cpe:2.3:a:magento:magento:2.4.2:-:*:*:open_source:*:*:*", "matchCriteriaId": "930C8AEF-C433-4CF9-AC81-7CCFC3EDFD48", "vulnerable": true}, {"criteria": "cpe:2.3:a:magento:magento:2.4.2:p1:*:*:commerce:*:*:*", "matchCriteriaId": "68A6F795-960A-42F0-96BA-2E3D912F3E1A", "vulnerable": true}, {"criteria": "cpe:2.3:a:magento:magento:2.4.2:p1:*:*:open_source:*:*:*", "matchCriteriaId": "E9CD54D8-4E55-4437-B762-A68F2BE62CF3", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "Magento versions 2.4.2 (and earlier), 2.4.2-p1 (and earlier) and 2.3.7 (and earlier) are affected by an improper access control vulnerability within Magento's Media Gallery Upload workflow. By storing a specially crafted file in the website gallery, an authenticated attacker with administrative privilege can gain access to delete the .htaccess file. This could result in the attacker achieving remote code execution."}, {"lang": "es", "value": "Las versiones 2.4.2 (y anteriores), 2.4.2-p1 (y anteriores) y 2.3.7 (y anteriores) de Magento est\u00e1n afectadas por una vulnerabilidad de control de acceso incorrecta dentro del flujo de trabajo de Magento's Media Gallery Upload. Al almacenar un archivo especialmente manipulado en la galer\u00eda del sitio web, un atacante autenticado con privilegios administrativos puede obtener acceso para eliminar el archivo .htaccess. Esto podr\u00eda provocar que el atacante logre la ejecuci\u00f3n remota de c\u00f3digo."}], "id": "CVE-2021-36036", "lastModified": "2024-11-21T06:12:59.950", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.2, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 1.2, "impactScore": 5.9, "source": "psirt@adobe.com", "type": "Secondary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.2, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 1.2, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Secondary"}]}, "published": "2023-09-06T14:15:09.110", "references": [{"source": "psirt@adobe.com", "tags": ["Vendor Advisory"], "url": "https://helpx.adobe.com/security/products/magento/apsb21-64.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "https://helpx.adobe.com/security/products/magento/apsb21-64.html"}], "sourceIdentifier": "psirt@adobe.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-284"}], "source": "psirt@adobe.com", "type": "Secondary"}]}

{}

{}