CVE-2021-42013 — CRITICAL (9.8)

Q: How severe is CVE-2021-42013?

CVE-2021-42013 has been rated CRITICAL with a CVSS base score of 9.8/10. This is considered a critical vulnerability requiring immediate attention.

Q: Is there a patch for CVE-2021-42013?

Check the references section above for vendor advisories and patch information. Affected products include: Apache Http Server, Fedoraproject Fedora, Oracle Instantis Enterprisetrack, Oracle Jd Edwards Enterpriseone Tools, Oracle Secure Backup.

Vulnerability Description

It was found that the fix for CVE-2021-41773 in Apache HTTP Server 2.4.50 was insufficient. An attacker could use a path traversal attack to map URLs to files outside the directories configured by Alias-like directives. If files outside of these directories are not protected by the usual default configuration "require all denied", these requests can succeed. If CGI scripts are also enabled for these aliased pathes, this could allow for remote code execution. This issue only affects Apache 2.4.49 and Apache 2.4.50 and not earlier versions.

CVSS Score

9.8

CRITICAL

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality

HIGH

Integrity

HIGH

Availability

HIGH

Affected Products

Vendor	Product	Versions
Apache	Http Server	2.4.49
Fedoraproject	Fedora	34
Oracle	Instantis Enterprisetrack	17.1
Oracle	Jd Edwards Enterpriseone Tools	< 9.2.6.0
Oracle	Secure Backup	< 18.1.0.1.0
Netapp	Cloud Backup	-

Related Weaknesses (CWE)

CWE-22

References

http://jvn.jp/en/jp/JVN51106450/index.htmlThird Party Advisory
http://packetstormsecurity.com/files/164501/Apache-HTTP-Server-2.4.50-Path-TraveExploitThird Party AdvisoryVDB Entry
http://packetstormsecurity.com/files/164609/Apache-HTTP-Server-2.4.50-Remote-CodExploitThird Party AdvisoryVDB Entry
http://packetstormsecurity.com/files/164629/Apache-2.4.49-2.4.50-Traversal-RemotExploitThird Party AdvisoryVDB Entry
http://packetstormsecurity.com/files/164941/Apache-HTTP-Server-2.4.50-Remote-CodExploitThird Party AdvisoryVDB Entry
http://packetstormsecurity.com/files/165089/Apache-HTTP-Server-2.4.50-CVE-2021-4Third Party AdvisoryVDB Entry
http://packetstormsecurity.com/files/167397/Apache-2.4.50-Remote-Code-Execution.ExploitThird Party AdvisoryVDB Entry
http://www.openwall.com/lists/oss-security/2021/10/07/6Mailing ListThird Party Advisory
http://www.openwall.com/lists/oss-security/2021/10/08/1Mailing ListThird Party Advisory
http://www.openwall.com/lists/oss-security/2021/10/08/2Mailing ListThird Party Advisory
http://www.openwall.com/lists/oss-security/2021/10/08/3Mailing ListThird Party Advisory
http://www.openwall.com/lists/oss-security/2021/10/08/4Mailing ListThird Party Advisory
http://www.openwall.com/lists/oss-security/2021/10/08/5Mailing ListThird Party Advisory
http://www.openwall.com/lists/oss-security/2021/10/08/6Mailing ListThird Party Advisory
http://www.openwall.com/lists/oss-security/2021/10/09/1Mailing ListThird Party Advisory

FAQ

What is CVE-2021-42013?

CVE-2021-42013 is a vulnerability with a CVSS score of 9.8 (CRITICAL). It was found that the fix for CVE-2021-41773 in Apache HTTP Server 2.4.50 was insufficient. An attacker could use a path traversal attack to map URLs to files outside the directories configured by Ali...

How severe is CVE-2021-42013?

CVE-2021-42013 has been rated CRITICAL with a CVSS base score of 9.8/10. This is considered a critical vulnerability requiring immediate attention.

Is there a patch for CVE-2021-42013?

Check the references section above for vendor advisories and patch information. Affected products include: Apache Http Server, Fedoraproject Fedora, Oracle Instantis Enterprisetrack, Oracle Jd Edwards Enterpriseone Tools, Oracle Secure Backup.