CVE-2021-41325

Source
https://cve.org/CVERecord?id=CVE-2021-41325
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2021-41325.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2021-41325
Published
2021-09-30T19:15:07.513Z
Modified
2026-07-09T05:45:08.911954Z
Severity
  • 6.5 (Medium) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N CVSS Calculator
Summary
[none]
Details

Broken access control for user creation in Pydio Cells 2.2.9 allows remote anonymous users to create standard users via the profile parameter. (In addition, such users can be granted several admin permissions via the Roles parameter.)

References

Affected packages

Git / github.com/pydio/cells

Affected ranges

Type
GIT
Repo
https://github.com/pydio/cells
Events
Database specific
{
    "cpe": [
        "cpe:2.3:a:pydio:cells:2.2.9:*:*:*:-:*:*:*",
        "cpe:2.3:a:pydio:cells:2.2.9:*:*:*:enterprise:*:*:*"
    ],
    "extracted_events": [
        {
            "introduced": "2.2.9"
        },
        {
            "last_affected": "2.2.9"
        }
    ],
    "source": [
        "CPE_STRING",
        "REFERENCES"
    ]
}

Affected versions

2.*
2.2.9
v2.*
v2.2.9

Database specific

source
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2021-41325.json"