GSD-2021-33203
Vulnerability from gsd - Updated: 2023-12-13 01:23
Details
Django before 2.2.24, 3.x before 3.1.12, and 3.2.x before 3.2.4 has a potential directory traversal via django.contrib.admindocs. Staff members could use the TemplateDetailView view to check the existence of arbitrary files. Additionally, if (and only if) the default admindocs templates have been customized by application developers to also show file contents, then not only the existence but also the file contents would have been exposed. In other words, there is directory traversal outside of the template root directories.
Aliases
{
"GSD": {
"alias": "CVE-2021-33203",
"description": "Django before 2.2.24, 3.x before 3.1.12, and 3.2.x before 3.2.4 has a potential directory traversal via django.contrib.admindocs. Staff members could use the TemplateDetailView view to check the existence of arbitrary files. Additionally, if (and only if) the default admindocs templates have been customized by application developers to also show file contents, then not only the existence but also the file contents would have been exposed. In other words, there is directory traversal outside of the template root directories.",
"id": "GSD-2021-33203",
"references": [
"https://www.suse.com/security/cve/CVE-2021-33203.html",
"https://access.redhat.com/errata/RHSA-2021:5070",
"https://access.redhat.com/errata/RHSA-2021:4702",
"https://access.redhat.com/errata/RHSA-2021:3490",
"https://ubuntu.com/security/CVE-2021-33203",
"https://advisories.mageia.org/CVE-2021-33203.html",
"https://security.archlinux.org/CVE-2021-33203",
"https://linux.oracle.com/cve/CVE-2021-33203.html"
]
},
"gsd": {
"metadata": {
"exploitCode": "unknown",
"remediation": "unknown",
"reportConfidence": "confirmed",
"type": "vulnerability"
},
"osvSchema": {
"aliases": [
"CVE-2021-33203"
],
"details": "Django before 2.2.24, 3.x before 3.1.12, and 3.2.x before 3.2.4 has a potential directory traversal via django.contrib.admindocs. Staff members could use the TemplateDetailView view to check the existence of arbitrary files. Additionally, if (and only if) the default admindocs templates have been customized by application developers to also show file contents, then not only the existence but also the file contents would have been exposed. In other words, there is directory traversal outside of the template root directories.",
"id": "GSD-2021-33203",
"modified": "2023-12-13T01:23:18.795147Z",
"schema_version": "1.4.0"
}
},
"namespaces": {
"cve.org": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2021-33203",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Django before 2.2.24, 3.x before 3.1.12, and 3.2.x before 3.2.4 has a potential directory traversal via django.contrib.admindocs. Staff members could use the TemplateDetailView view to check the existence of arbitrary files. Additionally, if (and only if) the default admindocs templates have been customized by application developers to also show file contents, then not only the existence but also the file contents would have been exposed. In other words, there is directory traversal outside of the template root directories."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://groups.google.com/forum/#!forum/django-announce",
"refsource": "MISC",
"url": "https://groups.google.com/forum/#!forum/django-announce"
},
{
"name": "https://docs.djangoproject.com/en/3.2/releases/security/",
"refsource": "MISC",
"url": "https://docs.djangoproject.com/en/3.2/releases/security/"
},
{
"name": "https://www.djangoproject.com/weblog/2021/jun/02/security-releases/",
"refsource": "CONFIRM",
"url": "https://www.djangoproject.com/weblog/2021/jun/02/security-releases/"
},
{
"name": "https://security.netapp.com/advisory/ntap-20210727-0004/",
"refsource": "CONFIRM",
"url": "https://security.netapp.com/advisory/ntap-20210727-0004/"
},
{
"name": "FEDORA-2022-e7fd530688",
"refsource": "FEDORA",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/B4SQG2EAF4WCI2SLRL6XRDJ3RPK3ZRDV/"
}
]
}
},
"gitlab.com": {
"advisories": [
{
"affected_range": "\u003c2.2.24||\u003e=3.0.0,\u003c3.1.12||\u003e=3.2.0,\u003c3.2.4",
"affected_versions": "All versions before 2.2.24, all versions starting from 3.0.0 before 3.1.12, all versions starting from 3.2.0 before 3.2.4",
"cvss_v2": "AV:N/AC:L/Au:S/C:P/I:N/A:N",
"cvss_v3": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N",
"cwe_ids": [
"CWE-1035",
"CWE-22",
"CWE-937"
],
"date": "2022-02-25",
"description": "Django has a potential directory traversal via `django.contrib.admindocs`. Staff members could use the `TemplateDetailView` view to check the existence of arbitrary files. Additionally, if (and only if) the default admindocs templates have been customized by application developers to also show file contents, then not only the existence but also the file contents would have been exposed. In other words, there is directory traversal outside of the template root directories.",
"fixed_versions": [
"2.2.24",
"3.1.12",
"3.2.4"
],
"identifier": "CVE-2021-33203",
"identifiers": [
"CVE-2021-33203"
],
"not_impacted": "All versions starting from 2.2.24 before 3.0.0, all versions starting from 3.1.12 before 3.2.0, all versions starting from 3.2.4",
"package_slug": "pypi/Django",
"pubdate": "2021-06-08",
"solution": "Upgrade to versions 2.2.24, 3.1.12, 3.2.4 or above.",
"title": "Path Traversal",
"urls": [
"https://nvd.nist.gov/vuln/detail/CVE-2021-33203",
"https://docs.djangoproject.com/en/3.2/releases/security/",
"https://www.djangoproject.com/weblog/2021/jun/02/security-releases/"
],
"uuid": "84395fbc-b74a-4457-aff2-104d931c7e76"
}
]
},
"nvd.nist.gov": {
"configurations": {
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:djangoproject:django:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "2.2.24",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:djangoproject:django:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "3.1.12",
"versionStartIncluding": "3.0.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:djangoproject:django:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "3.2.4",
"versionStartIncluding": "3.2.0",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:fedoraproject:fedora:35:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
},
"cve": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2021-33203"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "en",
"value": "Django before 2.2.24, 3.x before 3.1.12, and 3.2.x before 3.2.4 has a potential directory traversal via django.contrib.admindocs. Staff members could use the TemplateDetailView view to check the existence of arbitrary files. Additionally, if (and only if) the default admindocs templates have been customized by application developers to also show file contents, then not only the existence but also the file contents would have been exposed. In other words, there is directory traversal outside of the template root directories."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "en",
"value": "CWE-22"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://docs.djangoproject.com/en/3.2/releases/security/",
"refsource": "MISC",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://docs.djangoproject.com/en/3.2/releases/security/"
},
{
"name": "https://www.djangoproject.com/weblog/2021/jun/02/security-releases/",
"refsource": "CONFIRM",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://www.djangoproject.com/weblog/2021/jun/02/security-releases/"
},
{
"name": "https://groups.google.com/forum/#!forum/django-announce",
"refsource": "MISC",
"tags": [
"Release Notes",
"Third Party Advisory"
],
"url": "https://groups.google.com/forum/#!forum/django-announce"
},
{
"name": "https://security.netapp.com/advisory/ntap-20210727-0004/",
"refsource": "CONFIRM",
"tags": [
"Third Party Advisory"
],
"url": "https://security.netapp.com/advisory/ntap-20210727-0004/"
},
{
"name": "FEDORA-2022-e7fd530688",
"refsource": "FEDORA",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/B4SQG2EAF4WCI2SLRL6XRDJ3RPK3ZRDV/"
}
]
}
},
"impact": {
"baseMetricV2": {
"acInsufInfo": false,
"cvssV2": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "NONE",
"baseScore": 4.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:S/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"userInteractionRequired": false
},
"baseMetricV3": {
"cvssV3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 1.2,
"impactScore": 3.6
}
},
"lastModifiedDate": "2022-02-25T18:42Z",
"publishedDate": "2021-06-08T18:15Z"
}
}
}
Sightings
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.