CVE-2021-41381

high

Description

Payara Micro Community 5.2021.6 and below allows Directory Traversal.

References

https://www.syss.de/fileadmin/dokumente/Publikationen/Advisories/SYSS-2021-054.txt

https://www.payara.fish

https://www.exploit-db.com/exploits/50371

https://github.com/Net-hunter121/CVE-2021-41381/blob/main/CVE:%202021-41381-POC

http://seclists.org/fulldisclosure/2022/Nov/11

http://packetstormsecurity.com/files/169864/Payara-Platform-Path-Traversal.html

http://packetstormsecurity.com/files/164365/Payara-Micro-Community-5.2021.6-Directory-Traversal.html

Details

Source: Mitre, NVD

Published: 2021-09-23

Updated: 2024-11-21

Risk Information

CVSS v2

Base Score: 4.3

Vector: CVSS2#AV:N/AC:M/Au:N/C:P/I:N/A:N

Severity: Medium

CVSS v3

Base Score: 7.5

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Severity: High

EPSS

EPSS: 0.80074