Sitecore XP 7.5 Initial Release to Sitecore XP 8.2 Update-7 is vulnerable to an insecure deserialization attack where it is possible to achieve remote command execution on the machine. No authentication or special configuration is required to exploit this vulnerability.
History

Mon, 03 Feb 2025 16:15:00 +0000

Type Values Removed Values Added
Metrics kev

{'dateAdded': '2022-03-25'}

ssvc

{'options': {'Automatable': 'yes', 'Exploitation': 'active', 'Technical Impact': 'total'}, 'version': '2.0.3'}


cve-icon MITRE

Status: PUBLISHED

Assigner: mitre

Published:

Updated: 2025-02-03T15:38:21.811Z

Reserved: 2021-10-11T00:00:00.000Z

Link: CVE-2021-42237

cve-icon Vulnrichment

Updated: 2024-08-04T03:30:37.679Z

cve-icon NVD

Status : Modified

Published: 2021-11-05T10:15:08.240

Modified: 2025-02-03T16:15:31.637

Link: CVE-2021-42237

cve-icon Redhat

No data.