SAS/Intrnet 9.4 build 1520 and earlier allows Local File Inclusion. The samples library (included by default) in the appstart.sas file, allows end-users of the application to access the sample.webcsf1.sas program, which contains user-controlled macro variables that are passed to the DS2CSF macro. Users can escape the context of the configured user-controllable variable and append additional functions native to the macro but not included as variables within the library. This includes a function that retrieves files from the host OS.
References
Link | Resource |
---|---|
https://support.sas.com/kb/68/641.html | Vendor Advisory |
https://www.mindpointgroup.com/blog/high-risk-vulnerability-discovery-localfileinclusion-sas | Exploit Third Party Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: mitre
Published: 2021-11-19T17:14:10
Updated: 2021-12-02T02:43:29
Reserved: 2021-09-23T00:00:00
Link: CVE-2021-41569
JSON object: View
NVD Information
Status : Analyzed
Published: 2021-11-19T18:15:09.677
Modified: 2022-04-06T13:22:10.557
Link: CVE-2021-41569
JSON object: View
Redhat Information
No data.
CWE