CVE-2021-21347

Vulnerability Profile Updated a month ago
Download STIX
Preview STIX
CVE-2021-21347 is a vulnerability that was discovered in February 2021. It affects the popular content management system, Drupal, specifically versions 7 and 8. The vulnerability allows an attacker to bypass normal security measures and execute arbitrary code on the affected system. In other words, an attacker could take control of a vulnerable Drupal site and potentially access sensitive information or cause damage to the site. The vulnerability was caused by a flaw in how Drupal handles certain types of input data. Specifically, it was related to how Drupal processes file uploads. By sending specially crafted requests to a vulnerable site, an attacker could trigger the vulnerability and gain control of the site. This type of vulnerability is particularly dangerous because it can be exploited remotely, without the attacker having physical access to the affected system. Upon discovery of the vulnerability, Drupal's security team released a patch to address the issue. They also issued a security advisory urging all users of Drupal 7 and 8 to update their systems as soon as possible. In addition, they recommended that users review their logs for any suspicious activity that may have occurred before applying the patch. While there have been no reports of the vulnerability being actively exploited in the wild, it is important for organizations to take this type of threat seriously and ensure that their systems are properly secured.
Possible Aliases / Cluster overlaps
It's hard to track cluster overlaps and naming conventions between vendors, so here are some possible overlapping names / profiles you also may want to look at.
IDVotesProfile Description
Miscellaneous Associations
Other elements of context that could aid in the identification of relevance
Associated Malware
To see the evidence that has resulted in this association, create a free account
IDTypeVotesProfile Description
No associations to display
Associated Threat Actors
To see the evidence that has resulted in this association, create a free account
IDTypeVotesProfile Description
No associations to display
Associated Vulnerabilities
To see the evidence that has resulted in this association, create a free account
IDTypeVotesProfile Description
No associations to display
Source Document References
Information about the CVE-2021-21347 Vulnerability was read from the documents corpus below. This display is limited to 20 results, create a free account to see more
SourceCreatedAtTitle
CERT-EU
a year ago
Multiple vulnerabilities in IBM Security Verify Governance