CVE-2021-41152— OpenOlat 路径遍历漏洞

Path Traversal in Folder Component Leading to Local File Inclusion

OpenOlat is a web-based e-learning platform for teaching, learning, assessment and communication, an LMS, a learning management system. In affected versions by manipulating the HTTP request an attacker can modify the path of a requested file download in the folder component to point to anywhere on the target system. The attack could be used to read any file accessible in the web root folder or outside, depending on the configuration of the system and the properly configured permission of the application server user. The attack requires an OpenOlat user account or the enabled guest user feature together with the usage of the folder component in a course. The attack does not allow writing of arbitrary files, it allows only reading of files and also only ready of files that the attacker knows the exact path which is very unlikely at least for OpenOlat data files. The problem is fixed in version 15.5.8 and 16.0.1 It is advised to upgrade to version 16.0.x. There are no known workarounds to fix this problem, an upgrade is necessary.

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N

对路径名的限制不恰当(路径遍历)

OpenOlat 路径遍历漏洞

OpenOLAT是一个基于网络的电子学习平台，用于教学、学习、评估和交流，一个 LMS，一个学习管理系统。 OpenOlat 存在安全漏洞，该漏洞源于攻击者可以通过操纵 HTTP 请求来修改文件夹组件中所请求文件下载的路径，以指向目标系统上的任何位置。该攻击可用于读取 Web 根文件夹或外部可访问的任何文件，具体取决于系统配置和应用服务器用户正确配置的权限。攻击需要 OpenOlat 用户帐户或启用的访客用户功能以及在课程中使用文件夹组件。该攻击不允许写入任意文件，它只允许读取文件，并且只允许准备好攻击者

N/A

N/A