CVE-2021-41152

Published on: 10/18/2021 12:00:00 AM UTC

Last Modified on: 10/22/2021 01:52:00 PM UTC

CVE-2021-41152 - advisory for GHSA-m8j5-837g-2p3f

Source: Mitre Source: Nist Print: PDF PDF
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N

Certain versions of Openolat from Frentix contain the following vulnerability:

OpenOlat is a web-based e-learning platform for teaching, learning, assessment and communication, an LMS, a learning management system. In affected versions by manipulating the HTTP request an attacker can modify the path of a requested file download in the folder component to point to anywhere on the target system. The attack could be used to read any file accessible in the web root folder or outside, depending on the configuration of the system and the properly configured permission of the application server user. The attack requires an OpenOlat user account or the enabled guest user feature together with the usage of the folder component in a course. The attack does not allow writing of arbitrary files, it allows only reading of files and also only ready of files that the attacker knows the exact path which is very unlikely at least for OpenOlat data files. The problem is fixed in version 15.5.8 and 16.0.1 It is advised to upgrade to version 16.0.x. There are no known workarounds to fix this problem, an upgrade is necessary.

  • CVE-2021-41152 has been assigned by URL Logo [email protected] to track the vulnerability - currently rated as HIGH severity.
  • Affected Vendor/Software: URL Logo OpenOLAT - OpenOLAT version < 15.5.8

CVSS3 Score: 7.7 - HIGH

Attack
Vector
Attack
Complexity
Privileges
Required
User
Interaction
NETWORK LOW LOW NONE
Scope Confidentiality
Impact
Integrity
Impact
Availability
Impact
CHANGED HIGH NONE NONE

CVSS2 Score: 4 - MEDIUM

Access
Vector
Access
Complexity
Authentication
NETWORK LOW SINGLE
Confidentiality
Impact
Integrity
Impact
Availability
Impact
PARTIAL NONE NONE

CVE References

Description Tags Link
Path Traversal in Folder Component Leading to Local File Inclusion · Advisory · OpenOLAT/OpenOLAT · GitHub github.com
text/html
URL Logo CONFIRM github.com/OpenOLAT/OpenOLAT/security/advisories/GHSA-m8j5-837g-2p3f
Log in - OpenOlat Issue Management jira.openolat.org
text/html
URL Logo MISC jira.openolat.org/browse/OO-5696
OO-5696: validate file selections against current container · OpenOLAT/[email protected] · GitHub github.com
text/html
URL Logo MISC github.com/OpenOLAT/OpenOLAT/commit/418bb509ffcb0e25ab4390563c6c47f0458583eb

Known Affected Configurations (CPE V2.3)

Type Vendor Product Version Update Edition Language
ApplicationFrentixOpenolatAllAllAllAll
  • cpe:2.3:a:frentix:openolat:*:*:*:*:*:*:*:*:

Social Mentions

Source Title Posted (UTC)
Twitter Icon @CVEreport CVE-2021-41152 : OpenOlat is a web-based e-learning platform for teaching, learning, assessment and communication,… twitter.com/i/web/status/1… 2021-10-18 21:01:30
Twitter Icon @Robo_Alerts Potentially Critical CVE Detected! CVE-2021-41152 Description: OpenOlat is a web-based e-learning platform for teac… twitter.com/i/web/status/1… 2021-10-18 22:00:10
© CVE.report 2021 Twitter Nitter Twitter Viewer |

Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.

CVE, CWE, and OVAL are registred trademarks of The MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. This site includes MITRE data granted under the following license.

CVE.report and Source URL Uptime Status status.cve.report