CVE-2021-37531

Description

SAP NetWeaver Knowledge Management XML Forms versions - 7.10, 7.11, 7.30, 7.31, 7.40, 7.50, contains an XSLT vulnerability which allows a non-administrative authenticated attacker to craft a malicious XSL stylesheet file containing a script with OS-level commands, copy it into a location to be accessed by the system and then create a file which will trigger the XSLT engine to execute the script contained within the malicious XSL file. This can result in a full compromise of the confidentiality, integrity, and availability of the system.

References

Link	Tags
https://launchpad.support.sap.com/#/notes/3081888	permissions required
https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=585106405	vendor advisory
http://seclists.org/fulldisclosure/2022/Jan/75	third party advisory mailing list
http://packetstormsecurity.com/files/165751/SAP-Enterprise-Portal-XSLT-Injection.html	vdb entry third party advisory

Frequently Asked Questions

What is the severity of CVE-2021-37531?: CVE-2021-37531 has been scored as a high severity vulnerability.
How to fix CVE-2021-37531?: To fix CVE-2021-37531, make sure you are using an up-to-date version of the affected component(s) by checking the vendor release notes. As for now, there are no other specific guidelines available.
Is CVE-2021-37531 being actively exploited in the wild?: It is possible that CVE-2021-37531 is being exploited or will be exploited in a near future based on public information. According to its EPSS score, there is a ~4% probability that this vulnerability will be exploited by malicious actors in the next 30 days.
What software or system is affected by CVE-2021-37531?: CVE-2021-37531 affects SAP SE SAP NetWeaver Knowledge Management XML Forms.

Description

Category

CWE-78 – Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')

References

Frequently Asked Questions