CVE-2021-40186 - Vulnerability Details - OpenCVE

ReportizFlow

The AppCheck research team identified a Server-Side Request Forgery (SSRF) vulnerability within the DNN CMS platform, formerly known as DotNetNuke. SSRF vulnerabilities allow the attacker to exploit the target system to make network requests on their behalf, allowing a range of possible attacks. In the most common scenario, the attacker exploits SSRF vulnerabilities to attack systems behind the firewall and access sensitive information from Cloud Provider metadata services.

No CVSS v4.0

Attack Vector Network

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact High

Integrity Impact None

Availability Impact None

User Interaction None

No CVSS v3.0

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact Partial

Integrity Impact None

Availability Impact None

AV:N/AC:L/Au:N/C:P/I:N/A:N

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Dnnsoftware	Dotnetnuke

Configuration 1 [-]

cpe:2.3:a:dnnsoftware:dotnetnuke:*:*:*:*:*:*:*:*

No data.

References

Link	Providers
https://appcheck-ng.com/dnn-cms-server-side-request-forgery-cve-2021-40186

History

No history.

MITRE

Status: PUBLISHED

Assigner: AppCheck

Published: 2022-05-31T18:09:43

Updated: 2024-08-04T02:27:31.884Z

Reserved: 2021-08-29T00:00:00

Link: CVE-2021-40186

Vulnrichment

No data.

NVD

Status : Modified

Published: 2022-06-02T14:15:29.597

Modified: 2024-11-21T06:23:44.707

Link: CVE-2021-40186

Redhat

No data.

{"containers": {"cna": {"affected": [{"product": "DNN Platform", "vendor": "DNNSoftware", "versions": [{"lessThan": "9.11.0", "status": "affected", "version": "9.0", "versionType": "custom"}]}], "descriptions": [{"lang": "en", "value": "The AppCheck research team identified a Server-Side Request Forgery (SSRF) vulnerability within the DNN CMS platform, formerly known as DotNetNuke. SSRF vulnerabilities allow the attacker to exploit the target system to make network requests on their behalf, allowing a range of possible attacks. In the most common scenario, the attacker exploits SSRF vulnerabilities to attack systems behind the firewall and access sensitive information from Cloud Provider metadata services."}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "version": "3.1"}}], "problemTypes": [{"descriptions": [{"cweId": "CWE-918", "description": "CWE-918 Server-Side Request Forgery (SSRF)", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"dateUpdated": "2022-05-31T18:41:52", "orgId": "2c188fdb-58e1-4908-8fce-3e437b94f1ae", "shortName": "AppCheck"}, "references": [{"tags": ["x_refsource_MISC"], "url": "https://appcheck-ng.com/dnn-cms-server-side-request-forgery-cve-2021-40186"}], "source": {"discovery": "EXTERNAL"}, "title": "DNN CMS Server-Side Request Forgery (SSRF)", "x_generator": {"engine": "Vulnogram 0.0.9"}, "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "[email protected]", "ID": "CVE-2021-40186", "STATE": "PUBLIC", "TITLE": "DNN CMS Server-Side Request Forgery (SSRF)"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "DNN Platform", "version": {"version_data": [{"version_affected": "<", "version_name": "9.0", "version_value": "9.11.0"}]}}]}, "vendor_name": "DNNSoftware"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "The AppCheck research team identified a Server-Side Request Forgery (SSRF) vulnerability within the DNN CMS platform, formerly known as DotNetNuke. SSRF vulnerabilities allow the attacker to exploit the target system to make network requests on their behalf, allowing a range of possible attacks. In the most common scenario, the attacker exploits SSRF vulnerabilities to attack systems behind the firewall and access sensitive information from Cloud Provider metadata services."}]}, "generator": {"engine": "Vulnogram 0.0.9"}, "impact": {"cvss": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "version": "3.1"}}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "CWE-918 Server-Side Request Forgery (SSRF)"}]}]}, "references": {"reference_data": [{"name": "https://appcheck-ng.com/dnn-cms-server-side-request-forgery-cve-2021-40186", "refsource": "MISC", "url": "https://appcheck-ng.com/dnn-cms-server-side-request-forgery-cve-2021-40186"}]}, "source": {"discovery": "EXTERNAL"}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-04T02:27:31.884Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://appcheck-ng.com/dnn-cms-server-side-request-forgery-cve-2021-40186"}]}]}, "cveMetadata": {"assignerOrgId": "2c188fdb-58e1-4908-8fce-3e437b94f1ae", "assignerShortName": "AppCheck", "cveId": "CVE-2021-40186", "datePublished": "2022-05-31T18:09:43", "dateReserved": "2021-08-29T00:00:00", "dateUpdated": "2024-08-04T02:27:31.884Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:dnnsoftware:dotnetnuke:*:*:*:*:*:*:*:*", "matchCriteriaId": "451B2E1B-6C7D-4A9E-BB5A-C08D806F35F0", "versionEndIncluding": "9.10.2", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "The AppCheck research team identified a Server-Side Request Forgery (SSRF) vulnerability within the DNN CMS platform, formerly known as DotNetNuke. SSRF vulnerabilities allow the attacker to exploit the target system to make network requests on their behalf, allowing a range of possible attacks. In the most common scenario, the attacker exploits SSRF vulnerabilities to attack systems behind the firewall and access sensitive information from Cloud Provider metadata services."}, {"lang": "es", "value": "El equipo de investigaci\u00f3n de AppCheck identific\u00f3 una vulnerabilidad de tipo Server-Side Request Forgery (SSRF) dentro de la plataforma DNN CMS, anteriormente conocida como DotNetNuke. Las vulnerabilidades de tipo SSRF permiten al atacante explotar el sistema de destino para realizar peticiones de red en su nombre, permitiendo una serie de posibles ataques. En el escenario m\u00e1s com\u00fan, el atacante aprovecha las vulnerabilidades de tipo SSRF para atacar sistemas detr\u00e1s del firewall y acceder a informaci\u00f3n confidencial de los servicios de metadatos del proveedor de la nube"}], "id": "CVE-2021-40186", "lastModified": "2024-11-21T06:23:44.707", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 5.0, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "[email protected]", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 3.6, "source": "[email protected]", "type": "Secondary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 3.6, "source": "[email protected]", "type": "Primary"}]}, "published": "2022-06-02T14:15:29.597", "references": [{"source": "[email protected]", "tags": ["Exploit", "Third Party Advisory"], "url": "https://appcheck-ng.com/dnn-cms-server-side-request-forgery-cve-2021-40186"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Exploit", "Third Party Advisory"], "url": "https://appcheck-ng.com/dnn-cms-server-side-request-forgery-cve-2021-40186"}], "sourceIdentifier": "[email protected]", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-918"}], "source": "[email protected]", "type": "Secondary"}, {"description": [{"lang": "en", "value": "CWE-918"}], "source": "[email protected]", "type": "Primary"}]}