Vulnerability Description
OpenOlat is a web-based learning management system (LMS). Prior to versions 15.3.18, 15.5.3, and 16.0.0, a prepared import XML file (e.g. a course) can be used to instantiate any class on the Java classpath, including Spring AOP bean factories. This can be used by the attacker to execute arbitrary code. The attack requires an OpenOlat user account with the authoring role; it cannot be exploited by unregistered users. The problem is fixed in versions 15.3.18, 15.5.3, and 16.0.0. There are no known workarounds aside from upgrading.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Frentix | Openolat | < 15.3.18 |
Related Weaknesses (CWE)
References
- https://github.com/OpenOLAT/OpenOLAT/commit/3f219ac457afde82e3be57bc614352ab92c0 (Patch, Third Party Advisory)
- https://github.com/OpenOLAT/OpenOLAT/security/advisories/GHSA-596v-3gwh-2m9w (Third Party Advisory)
- https://jira.openolat.org/browse/OO-5548 (Permissions Required)
FAQ
What is CVE-2021-39181?
CVE-2021-39181 is a vulnerability with a CVSS score of 8.8 (HIGH). OpenOlat is a web-based learning management system (LMS). Prior to versions 15.3.18, 15.5.3, and 16.0.0, a prepared import XML file (e.g. a course) can be used to instantiate any class on the Java classpath, including Spring AOP bean factories...
How severe is CVE-2021-39181?
CVE-2021-39181 has been rated HIGH with a CVSS base score of 8.8/10. Review the CVSS score section above for the severity rating.
Is there a patch for CVE-2021-39181?
Check the references section above for vendor advisories and patch information. Affected products include: Frentix Openolat.