PT-2021-5577 · Sitecore · Sitecore XP

Shubham Shah

·

Published

2021-10-08

·

Updated

2025-11-10

·

CVE-2021-42237

CVSS v2.0

10

Critical

Vector

AV:N/AC:L/Au:N/C:C/I:C/A:C
Name of the Vulnerable Software and Affected Versions: Sitecore XP versions 7.5 Initial Release through 8.2 Update-7

Description: The vulnerability is an insecure deserialization flaw in the Report.ashx handler (/sitecore/shell/ClientBin/Reporting/Report.ashx) that allows remote code execution on the server hosting Sitecore XP. No authentication or special configuration is required; a single unauthenticated HTTP request to the handler is enough to reach the deserialization sink. The Australian Department of Defence's ForceNet platform, which runs on Sitecore XP, was reportedly hit by a ransomware attack that may have exposed 30,000 to 40,000 personal records; whether that incident is connected to this vulnerability has not been confirmed.

Recommendations: For Sitecore XP versions 7.5 Initial Release through 8.2 Update-7, upgrade to a fixed release, ideally Sitecore XP 9.0 or later. As a temporary workaround, delete Report.ashx from /sitecore/shell/ClientBin/Reporting/ on every server instance, which removes the vulnerable handler entirely; after doing so, confirm that a request to that path returns 404 on each instance rather than 200, since a single instance left with the file remains exploitable.
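Because the vulnerable handler is reached by an unauthenticated POST to a fixed path, the cheapest detection is to hunt IIS W3C logs for requests to Report.ashx. The script below is an added example written for this page, not code from the advisory, Sitecore or the researcher; it parses the `#Fields:` directive so it works with whatever column set a given server logs, flags requests to the handler, and gives each hit a rough triage label. The log lines, hostnames and IP addresses are constructed for the example; the field names are the standard IIS W3C ones, and the assumption that a request with no logged user and no Sitecore referer is the shape of the pre-auth exploit is the author's heuristic, not something the advisory states.

```python
"""Added example: hunt IIS W3C logs for requests to the Sitecore Report.ashx
handler abused by CVE-2021-42237. The SAMPLE_LOG lines are constructed."""
from dataclasses import dataclass
from typing import Dict, Iterable, Iterator, List, Tuple

# Path named in the advisory. IIS matches paths case-insensitively, so compare lowercased.
REPORT_HANDLER = "/sitecore/shell/clientbin/reporting/report.ashx"

# Constructed IIS W3C log excerpt (IIS replaces spaces inside a field with '+').
SAMPLE_LOG = """#Software: Microsoft Internet Information Services 10.0
#Version: 1.0
#Date: 2021-10-08 14:00:00
#Fields: date time s-ip cs-method cs-uri-stem cs-uri-query s-port cs-username c-ip cs(User-Agent) cs(Referer) sc-status sc-substatus sc-win32-status time-taken
2021-10-08 14:02:11 10.0.0.5 GET /sitecore/login - 443 - 203.0.113.7 Mozilla/5.0+(X11;+Linux+x86_64) - 200 0 0 31
2021-10-08 14:02:13 10.0.0.5 POST /sitecore/shell/ClientBin/Reporting/Report.ashx - 443 - 203.0.113.7 python-requests/2.26.0 - 200 0 0 842
2021-10-08 14:05:40 10.0.0.5 POST /sitecore/shell/ClientBin/Reporting/Report.ashx - 443 sitecore\\admin 10.0.0.20 Mozilla/5.0+(Windows+NT+10.0) https://cms.example.test/sitecore/shell/default.aspx 200 0 0 120
2021-10-08 14:06:02 10.0.0.5 GET /sitecore/shell/ClientBin/Reporting/Report.ashx - 443 - 198.51.100.9 Nmap+Scripting+Engine - 200 0 0 5
2021-10-08 14:07:00 10.0.0.5 POST /sitecore/shell/ClientBin/Reporting/Report.ashx - 443 - 203.0.113.7 python-requests/2.26.0 - 500 0 0 1403
"""


@dataclass
class Hit:
    date: str
    time: str
    client_ip: str
    method: str
    status: int
    user_agent: str
    referer: str
    username: str        # cs-username exactly as IIS logged it; "-" means no user
    time_taken_ms: int

    @property
    def authenticated(self) -> bool:
        return self.username != "-"


def parse_w3c(lines: Iterable[str]) -> Iterator[Dict[str, str]]:
    """Yield one dict per data row, keyed by the names in the most recent #Fields line.

    IIS can emit a new #Fields directive mid-file (e.g. after a logging config
    change); the latest one governs the rows that follow it.
    """
    fields: List[str] = []
    for raw in lines:
        line = raw.rstrip("\r\n")
        if not line:
            continue
        if line.startswith("#"):
            if line.startswith("#Fields:"):
                fields = line[len("#Fields:"):].split()
            continue                 # #Software, #Version, #Date carry no row data
        if not fields:
            continue                 # rows before any #Fields line cannot be interpreted
        values = line.split(" ")
        if len(values) != len(fields):
            continue                 # truncated or malformed row: skip rather than misalign
        yield dict(zip(fields, values))


def find_report_ashx_hits(lines: Iterable[str],
                          methods: Tuple[str, ...] = ("POST",)) -> List[Hit]:
    """Return every request to Report.ashx whose method is in `methods`.

    The deserialization sink is reached with a POST, so that is the default;
    pass methods=("POST", "GET") to also surface scanner probes of the path.
    """
    hits: List[Hit] = []
    for row in parse_w3c(lines):
        if row.get("cs-uri-stem", "").lower() != REPORT_HANDLER:
            continue
        method = row.get("cs-method", "").upper()
        if method not in methods:
            continue
        hits.append(Hit(
            date=row.get("date", "-"),
            time=row.get("time", "-"),
            client_ip=row.get("c-ip", "-"),
            method=method,
            status=int(row.get("sc-status", "0")),
            user_agent=row.get("cs(User-Agent)", "-"),
            referer=row.get("cs(Referer)", "-"),
            username=row.get("cs-username", "-"),
            time_taken_ms=int(row.get("time-taken", "0")),
        ))
    return hits


def triage(hit: Hit) -> str:
    """Heuristic priority (author's assumption, not from the advisory): a POST with
    no logged user and no referer from the Sitecore shell is the shape of the
    pre-auth exploit; other POSTs still merit review; GET probes rank lowest."""
    from_shell_ui = "/sitecore/" in hit.referer.lower()
    if hit.method == "POST" and not hit.authenticated and not from_shell_ui:
        return "high"
    if hit.method == "POST":
        return "medium"
    return "low"


if __name__ == "__main__":
    for h in find_report_ashx_hits(SAMPLE_LOG.splitlines(), methods=("POST", "GET")):
        print(f"{triage(h):6} {h.date} {h.time} {h.client_ip:>13} {h.method:4} "
              f"{h.status} {h.time_taken_ms:>5}ms {h.user_agent}")
```

Run it over the rotated `u_ex*.log` files from every Sitecore instance, not just the content management server, since the handler ships on all roles. Sitecore uses forms authentication, so on some deployments `cs-username` stays `-` even for legitimate CMS users; if that is the case in your logs, lean on the referer and the source address when reading the `high` entries. A 500 with a long `time-taken` is not proof of exploitation but is consistent with the handler having processed a malformed or malicious payload.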

Exploit

Fix

Weakness Enumeration

CWE-502 Deserialization of Untrusted Data

Related Identifiers

BDU:2022-00003
CVE-2021-42237

Affected Products

Sitecore XP