CPANSA-MT-2021-20837: MT vulnerability

Publisher	giterlizzi	Document category	csaf_security_advisory
Initial release date	2021-10-26T00:00:00	Engine	CSAF Perl Toolkit 0.25
Current release date	2021-10-26T00:00:00	Build Date
Current version	1	Status	final
CVSS v3.1 Base Score	9.8	Severity	Critical
Original language		Language	en
Also referred to

Vulnerability Description

Movable Type 7 r.5002 and earlier (Movable Type 7 Series), Movable Type 6.8.2 and earlier (Movable Type 6 Series), Movable Type Advanced 7 r.5002 and earlier (Movable Type Advanced 7 Series), Movable Type Advanced 6.8.2 and earlier (Movable Type Advanced 6 Series), Movable Type Premium 1.46 and earlier, and Movable Type Premium Advanced 1.46 and earlier allow remote attackers to execute arbitrary OS commands via unspecified vectors. Note that all versions of Movable Type 4.0 or later including unsupported (End-of-Life, EOL) versions are also affected by this vulnerability.

Vulnerabilities

CVE-2021-20837

Vulnerability Description

Weakness	CWE-78 : Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')

Product status

Known affected

Product

Score

MT greater than or equal 7 and less than or equal 7.8.1

CVSS Version	CVSS Vector	CVSS Base Score	CVSS Base Severity
3.1	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H	9.8	Critical
2.0	AV:N/AC:L/Au:N/C:P/I:P/A:P	7.5	High

MT greater than or equal 6 and less than or equal 6.8.2

CVSS Version	CVSS Vector	CVSS Base Score	CVSS Base Severity
3.1	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H	9.8	Critical
2.0	AV:N/AC:L/Au:N/C:P/I:P/A:P	7.5	High

MT less than 6

CVSS Version	CVSS Vector	CVSS Base Score	CVSS Base Severity
3.1	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H	9.8	Critical
2.0	AV:N/AC:L/Au:N/C:P/I:P/A:P	7.5	High

giterlizzi

Namespace: https://github.com/giterlizzi/

gdt@cpan.org

References

CPANSA-MT-2021-20837 JSON self
https://raw.githubusercontent.com/giterlizzi/perl-CPANSA-CSAF/develop/csaf/white/2021/cpansa-mt-2021-20837.json
https://jvn.jp/en/jp/JVN41119755/index.html external
https://jvn.jp/en/jp/JVN41119755/index.html
https://movabletype.org/news/2021/10/mt-782-683-released.html external
https://movabletype.org/news/2021/10/mt-782-683-released.html
http://packetstormsecurity.com/files/164818/Movable-Type-7-r.5002-XMLRPC-API-Remote-Command-Injection.html external
http://packetstormsecurity.com/files/164818/Movable-Type-7-r.5002-XMLRPC-API-Remote-Command-Injection.html
http://packetstormsecurity.com/files/164705/Movable-Type-7-r.5002-XMLRPC-API-Remote-Command-Injection.html external
http://packetstormsecurity.com/files/164705/Movable-Type-7-r.5002-XMLRPC-API-Remote-Command-Injection.html
CVE-2021-20837 (NVD) external
https://nvd.nist.gov/vuln/detail/CVE-2021-20837

Revision history

Version	Date of the revision	Summary of the revision
1	Tue Oct 26 00:00:00 2021	First release

Sharing rules

TLP:WHITE
For the TLP version see: https://www.first.org/tlp/