CVE-2021-25962 - OpenCVE

“Shuup” application in versions 0.4.2 to 2.10.8 is affected by the “Formula Injection” vulnerability. A customer can inject payloads in the name input field in the billing address while buying a product. When a store administrator accesses the reports page to export the data as an Excel file and opens it, the payload gets executed.

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction Required

No CVSS v3.0

Access Vector Network

Access Complexity Medium

Authentication None

Confidentiality Impact Partial

Integrity Impact Partial

Availability Impact Partial

AV:N/AC:M/Au:N/C:P/I:P/A:P

Vendors & Products
CPE Configurations

Vendors	Products
Shuup	Shuup

Configuration 1 [-]

cpe:2.3:a:shuup:shuup:*:*:*:*:*:*:*:*

References

Link	Resource
https://github.com/shuup/shuup/commit/0a2db392e8518410c282412561461cd8797eea51	Patch Third Party Advisory
https://www.whitesourcesoftware.com/vulnerability-database/CVE-2021-25962	Third Party Advisory

History

No history.

MITRE Information

Status: PUBLISHED

Assigner: Mend

Published: 2021-09-25T00:00:00

Updated: 2021-09-29T13:55:10

Reserved: 2021-01-22T00:00:00

Link: CVE-2021-25962

JSON object: View

NVD Information

Status : Analyzed

Published: 2021-09-29T14:15:08.070

Modified: 2021-10-06T20:30:01.977

Link: CVE-2021-25962

JSON object: View

Redhat Information

No data.

CWE

CWE-1236

{"containers": {"cna": {"affected": [{"product": "shuup", "vendor": "shuup", "versions": [{"lessThan": "*", "status": "affected", "version": "0.4.2", "versionType": "custom"}]}], "datePublic": "2021-09-25T00:00:00", "descriptions": [{"lang": "en", "value": "\u201cShuup\u201d application in versions 0.4.2 to 2.10.8 is affected by the \u201cFormula Injection\u201d vulnerability. A customer can inject payloads in the name input field in the billing address while buying a product. When a store administrator accesses the reports page to export the data as an Excel file and opens it, the payload gets executed."}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H", "version": "3.1"}}], "problemTypes": [{"descriptions": [{"cweId": "CWE-1236", "description": "CWE-1236", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"dateUpdated": "2021-09-29T13:55:10", "orgId": "478c68dd-22c1-4a41-97cd-654224dfacff", "shortName": "Mend"}, "references": [{"tags": ["x_refsource_MISC"], "url": "https://www.whitesourcesoftware.com/vulnerability-database/CVE-2021-25962"}, {"tags": ["x_refsource_MISC"], "url": "https://github.com/shuup/shuup/commit/0a2db392e8518410c282412561461cd8797eea51"}], "solutions": [{"lang": "en", "value": "Update to 2.11.0"}], "source": {"advisory": "https://www.whitesourcesoftware.com/vulnerability-database/", "discovery": "UNKNOWN"}, "title": "Shuup - Formula Injection in Checkout Addresses", "x_generator": {"engine": "Vulnogram 0.0.9"}, "x_legacyV4Record": {"CVE_data_meta": {"AKA": "", "ASSIGNER": "vulnerabilitylab@whitesourcesoftware.com", "DATE_PUBLIC": "2021-09-25T12:08:00.000Z", "ID": "CVE-2021-25962", "STATE": "PUBLIC", "TITLE": "Shuup - Formula Injection in Checkout Addresses"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "shuup", "version": {"version_data": [{"platform": "", "version_affected": ">=", "version_name": "", "version_value": "0.4.2"}, {"platform": "", "version_affected": "<=", "version_name": "", "version_value": "2.10.8 +1"}]}}]}, "vendor_name": "shuup"}]}}, "configuration": [], "credit": [], "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "\u201cShuup\u201d application in versions 0.4.2 to 2.10.8 is affected by the \u201cFormula Injection\u201d vulnerability. A customer can inject payloads in the name input field in the billing address while buying a product. When a store administrator accesses the reports page to export the data as an Excel file and opens it, the payload gets executed."}]}, "exploit": [], "generator": {"engine": "Vulnogram 0.0.9"}, "impact": {"cvss": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H", "version": "3.1"}}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "CWE-1236"}]}]}, "references": {"reference_data": [{"name": "https://www.whitesourcesoftware.com/vulnerability-database/CVE-2021-25962", "refsource": "MISC", "url": "https://www.whitesourcesoftware.com/vulnerability-database/CVE-2021-25962"}, {"name": "https://github.com/shuup/shuup/commit/0a2db392e8518410c282412561461cd8797eea51", "refsource": "MISC", "url": "https://github.com/shuup/shuup/commit/0a2db392e8518410c282412561461cd8797eea51"}]}, "solution": [{"lang": "en", "value": "Update to 2.11.0"}], "source": {"advisory": "https://www.whitesourcesoftware.com/vulnerability-database/", "defect": [], "discovery": "UNKNOWN"}, "work_around": []}}}, "cveMetadata": {"assignerOrgId": "478c68dd-22c1-4a41-97cd-654224dfacff", "assignerShortName": "Mend", "cveId": "CVE-2021-25962", "datePublished": "2021-09-25T00:00:00", "dateReserved": "2021-01-22T00:00:00", "dateUpdated": "2021-09-29T13:55:10", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.0"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:shuup:shuup:*:*:*:*:*:*:*:*", "matchCriteriaId": "A567FB15-5A66-4FD9-A3FE-1C25B31CAA55", "versionEndExcluding": "2.11.0", "versionStartIncluding": "0.4.2", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "\u201cShuup\u201d application in versions 0.4.2 to 2.10.8 is affected by the \u201cFormula Injection\u201d vulnerability. A customer can inject payloads in the name input field in the billing address while buying a product. When a store administrator accesses the reports page to export the data as an Excel file and opens it, the payload gets executed."}, {"lang": "es", "value": "La aplicaci\u00f3n \"Shuup\" en versiones 0.4.2 a 2.10.8, est\u00e1 afectada por una vulnerabilidad \"Formula Injection\". Un cliente puede inyectar cargas \u00fatiles en el campo name input en la direcci\u00f3n de facturaci\u00f3n mientras compra un producto. Cuando un administrador de la tienda accede a la p\u00e1gina de informes para exportar los datos como un archivo de Excel y lo abre, la carga \u00fatil es ejecutada\n"}], "id": "CVE-2021-25962", "lastModified": "2021-10-06T20:30:01.977", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 8.6, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.0, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 2.1, "impactScore": 5.9, "source": "vulnerabilitylab@mend.io", "type": "Secondary"}]}, "published": "2021-09-29T14:15:08.070", "references": [{"source": "vulnerabilitylab@mend.io", "tags": ["Patch", "Third Party Advisory"], "url": "https://github.com/shuup/shuup/commit/0a2db392e8518410c282412561461cd8797eea51"}, {"source": "vulnerabilitylab@mend.io", "tags": ["Third Party Advisory"], "url": "https://www.whitesourcesoftware.com/vulnerability-database/CVE-2021-25962"}], "sourceIdentifier": "vulnerabilitylab@mend.io", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-1236"}], "source": "nvd@nist.gov", "type": "Primary"}, {"description": [{"lang": "en", "value": "CWE-1236"}], "source": "vulnerabilitylab@mend.io", "type": "Secondary"}]}