#VU66467 Path traversal in Babel - CVE-2021-42771


Vulnerability identifier: #VU66467

Vulnerability risk: Medium

CVSSv4.0: 1.3 [CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:U/U:Green]

CVE-ID: CVE-2021-42771

CWE-ID: CWE-22

Exploitation vector: Network

Exploit availability: No

Vulnerable software:
Babel
Web applications / Modules and components for CMS

Vendor: The Babel Team

Description

The vulnerability allows a remote attacker to user compromise the affected system.

The vulnerability exists due to input validation error when processing directory traversal sequences within the locale .dat files in Babel.Locale. A remote user can load a malicious .dat file containing serialized Python objects and execute arbitrary code on the system.

Mitigation
Install update from vendor's website.

Vulnerable software versions

Babel: 2.0 - 2.9.0

External links
https://www.tenable.com/security/research/tra-2021-14
https://lists.debian.org/debian-lts/2021/10/msg00040.html
https://github.com/python-babel/babel/pull/782
https://lists.debian.org/debian-lts-announce/2021/10/msg00018.html
https://www.debian.org/security/2021/dsa-5018

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.


Latest bulletins with this vulnerability


Multiple vulnerabilities in QRadar Incident Forensics
Multiple vulnerabilities in IBM QRadar SIEM
Path traversal in IBM Cloud Pak for Data System
Multiple vulnerabilities in Red Hat Ansible Automation Platform 2.4
Multiple vulnerabilities in IBM Cloud Pak for Security (CP4S)
Multiple vulnerabilities in Dell PowerStore Family
Amazon Linux AMI update for python-babel
Multiple vulnerabilities in Juniper Networks Contrail Networking
SUSE update for python-Babel
Multiple vulnerabilities in Migration Toolkit for Containers (MTC) 1.7