CVE-2021-21427

Sep 3, 2024

Published Date: 2021-04-21T21:15Z

Last Modified: 2021-04-30T15:34Z

CVSS Score: 7.2 (HIGH)

EPSS Score: 0.10%

Risk Score: 5.04 (HIGH)

Risk Score based on CVSS score and EPSS. This score is for reference purposes and is not internationally recognized.

CVSS: 7.2 | EPSS: 0.1%

NVD Links:

https://nvd.nist.gov/vuln/detail/CVE-2021-21427

Description: Magento-lts is a long-term support alternative to Magento Community Edition (CE). A vulnerability in magento-lts versions before 19.4.13 and 20.0.9 potentially allows an administrator unauthorized access to restricted resources. This is a backport of CVE-2021-21024. The vulnerability is patched in versions 19.4.13 and 20.0.9.

Mitre ATT&CK Technical v15.1

T1153 – Source
T1053.002 – At

Technical Analysis & Mitigation Measures

Reference Links

https://github.com/OpenMage/magento-lts/security/advisories/GHSA-fvrf-9428-527m

Vendor - Produce - Version

magento - openmage, magento - openmage

Disclaimer

The content on this website is automatically sourced from external websites such as the National Vulnerability Database (NVD), GitHub, and other security-related sources. This content is for reference purposes only, and we are not responsible for the accuracy or integrity of the information linked or displayed from these sources.