Vulnerability Description
Improper configuration will cause ServiceComb ServiceCenter Directory Traversal problem in ServcieCenter 1.x.x versions and fixed in 2.0.0.
CVSS Score
7.5
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Apache | Servicecomb | >= 1.0.0, < 2.0.0 |
Related Weaknesses (CWE)
References
- http://www.openwall.com/lists/oss-security/2021/08/10/3Mailing ListThird Party Advisory
- https://lists.apache.org/thread.html/r337be65e504eac52a12e89d7de40345e5d335deee9
- https://lists.apache.org/thread.html/r337be65e504eac52a12e89d7de40345e5d335deee9Mailing ListVendor Advisory
- http://www.openwall.com/lists/oss-security/2021/08/10/3Mailing ListThird Party Advisory
- https://lists.apache.org/thread.html/r337be65e504eac52a12e89d7de40345e5d335deee9
- https://lists.apache.org/thread.html/r337be65e504eac52a12e89d7de40345e5d335deee9Mailing ListVendor Advisory
FAQ
What is CVE-2021-21501?
CVE-2021-21501 is a vulnerability with a CVSS score of 7.5 (HIGH). Improper configuration will cause ServiceComb ServiceCenter Directory Traversal problem in ServcieCenter 1.x.x versions and fixed in 2.0.0.
How severe is CVE-2021-21501?
CVE-2021-21501 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2021-21501?
Check the references section above for vendor advisories and patch information. Affected products include: Apache Servicecomb.