CVE-2021-21018

See a problem?
Please try reporting it to the source first.

Source

https://nvd.nist.gov/vuln/detail/CVE-2021-21018

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2021-21018.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2021-21018

Aliases

Published

2021-02-11T20:15:14Z

Modified

2024-09-03T03:40:24.479910Z

Summary

[none]

Details

Magento versions 2.4.1 (and earlier), 2.4.0-p1 (and earlier) and 2.3.6 (and earlier) are vulnerable to OS command injection via the scheduled operation module. Successful exploitation could lead to arbitrary code execution by an authenticated attacker. Access to the admin console is required for successful exploitation.

References

https://helpx.adobe.com/security/products/magento/apsb21-08.html

Affected packages

Git / github.com/magento/devdocs

Affected ranges

Type: GIT
Repo: https://github.com/magento/devdocs
Events: Introduced

0 Unknown introduced commit / All previous commits are affected

Fixed

9eba2c99bed83d8297c03b7ea3b110500cc5b955

Type: GIT
Repo: https://github.com/magento/magento2
Events: Introduced

0 Unknown introduced commit / All previous commits are affected

Fixed

53ad434d78cd2d357203fb82e5ea059883f403b8

Affected versions

0.*

0.1.0-alpha100

0.1.0-alpha101

0.1.0-alpha102

0.1.0-alpha103

0.1.0-alpha104

0.1.0-alpha105

0.1.0-alpha106

0.1.0-alpha107

0.1.0-alpha108

0.1.0-alpha89

0.1.0-alpha90

0.1.0-alpha91

0.1.0-alpha92

0.1.0-alpha93

0.1.0-alpha94

0.1.0-alpha95

0.1.0-alpha96

0.1.0-alpha97

0.1.0-alpha98

0.1.0-alpha99

0.42.0-beta1

0.42.0-beta10

0.42.0-beta11

0.42.0-beta2

0.42.0-beta3

0.42.0-beta4

0.42.0-beta5

0.42.0-beta6

0.42.0-beta7

0.42.0-beta8

0.42.0-beta9

0.74.0-beta1

0.74.0-beta10

0.74.0-beta11

0.74.0-beta12

0.74.0-beta13

0.74.0-beta14

0.74.0-beta15

0.74.0-beta16

0.74.0-beta2

0.74.0-beta3

0.74.0-beta4

0.74.0-beta5

0.74.0-beta6

0.74.0-beta7

0.74.0-beta8

0.74.0-beta9

1.*

1.0.0-beta

1.x-eos

2.*

2.0.0

2.0.0-rc

2.0.0-rc2

2.0.10

2.0.11

2.0.12

2.0.13

2.0.14

2.0.15

2.0.16

2.0.17

2.0.18

2.0.8

2.0.9

2.1.0

2.1.0-rc1

2.1.0-rc2

2.1.0-rc3

2.1.1

2.1.10

2.1.11

2.1.12

2.1.13

2.1.14

2.1.15

2.1.16

2.1.17

2.1.18

2.1.2

2.1.3

2.1.4

2.1.5

2.1.6

2.1.7

2.1.8

2.1.9

2.2.0

2.2.0-RC1.1

2.2.0-RC1.2

2.2.0-RC1.3

2.2.0-RC1.4

2.2.0-RC1.5

2.2.0-RC1.6

2.2.0-RC1.8

2.2.0-rc2.0

2.2.0-rc2.1

2.2.0-rc2.2

2.2.0-rc2.3

2.2.0-rc3.0

2.2.1

2.2.10

2.2.11

2.2.2

2.2.3

2.2.4

2.2.5

2.2.6

2.2.7

2.2.8

2.2.9

2.3.0

2.3.1

2.3.2

2.3.2-p1

2.3.3

2.3.3-p1

2.3.4

2.3.5