CVE-2021-41325

See a problem?
Please try reporting it to the source first.

Source

https://cve.org/CVERecord?id=CVE-2021-41325

Import Source

https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2021-41325.json

JSON Data

https://api.test.osv.dev/v1/vulns/CVE-2021-41325

Published

2021-09-30T19:15:07.513Z

Modified

2025-11-14T12:27:33.900582Z

Severity

6.5 (Medium) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N CVSS Calculator

Summary

[none]

Details

Broken access control for user creation in Pydio Cells 2.2.9 allows remote anonymous users to create standard users via the profile parameter. (In addition, such users can be granted several admin permissions via the Roles parameter.)

References

Affected packages

Git / github.com/pydio/cells

Affected ranges

Type: GIT
Repo: https://github.com/pydio/cells
Events: Introduced

0 Unknown introduced commit / All previous commits are affected

Fixed

3cf641708e40fa76ec064b283796d28e831587f2

Affected versions

v0.*

v0.9.0

v1.*

v1.0.0

v1.0.1

v1.0.2

v1.0.3

v1.0.4

v1.2.0

v1.2.1

v1.2.2

v1.2.3

v1.2.4

v1.2.5

v1.4.0

v1.4.1

v1.5.0

v1.5.2

v1.5.3

v1.6.0

v1.6.1

v2.*

v2.0.0

v2.0.0-rc0

v2.0.0-rc1

v2.0.0-rc2

v2.0.0-rc3

v2.0.1

v2.0.2

v2.0.2-dev.20191219

v2.0.3

v2.0.4

v2.0.5

v2.1.0

v2.1.0-rc0

v2.1.0-rc1

v2.1.0-rc2

v2.1.1

v2.1.2

v2.1.3

v2.1.4

v2.1.5

v2.1.6

v2.2.0

v2.2.0-rc0

v2.2.0-rc1

v2.2.0-rc2

v2.2.0-rc3

v2.2.0-rc4

v2.2.1

v2.2.11

v2.2.2

v2.2.3

v2.2.4

v2.2.4-rc1

v2.2.5

v2.2.6

v2.2.7

v2.2.8

v2.2.9

Database specific

source

"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2021-41325.json"