PT-2021-14546 · Scimono · Scimono

Karaimin

·

Published

2021-02-09

·

Updated

2021-02-16

·

CVE-2021-21479

CVSS v3.1

9.1

Critical

VectorAV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H
Name of the Vulnerable Software and Affected Versions SCIMono versions prior to 0.0.19
Description The issue allows an attacker to inject and execute Java expressions, compromising the availability and integrity of the system.
Recommendations For versions prior to 0.0.19, update to version 0.0.19 to resolve the issue.

Fix

Link Following

Special Elements Injection

Command Injection

Found an issue in the description? Have something to add? Feel free to write us 👾
dbugs@ptsecurity.com

Related Identifiers

CVE-2021-21479
GHSA-29Q4-GXJQ-RX5C

Affected Products

Scimono