{"containers": {"cna": {"affected": [{"product": "Autodesk FBX Review", "vendor": "n/a", "versions": [{"status": "affected", "version": "1.4.1.0"}]}], "descriptions": [{"lang": "en", "value": "A user may be tricked into opening a malicious FBX file which may exploit a Directory Traversal Remote Code Execution vulnerability in FBX\u2019s Review causing it to run arbitrary code on the system."}], "problemTypes": [{"descriptions": [{"description": "Directory Traversal Remote Code Execution Vulnerability", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2021-09-15T09:06:11", "orgId": "7e40ea87-bc65-4944-9723-dd79dd760601", "shortName": "autodesk"}, "references": [{"tags": ["x_refsource_MISC"], "url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2021-0001"}, {"tags": ["x_refsource_MISC"], "url": "https://www.zerodayinitiative.com/advisories/ZDI-21-466/"}, {"tags": ["x_refsource_MISC"], "url": "https://www.zerodayinitiative.com/advisories/ZDI-21-1070/"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "psirt@autodesk.com", "ID": "CVE-2021-27030", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "Autodesk FBX Review", "version": {"version_data": [{"version_value": "1.4.1.0"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "A user may be tricked into opening a malicious FBX file which may exploit a Directory Traversal Remote Code Execution vulnerability in FBX\u2019s Review causing it to run arbitrary code on the system."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "Directory Traversal Remote Code Execution Vulnerability"}]}]}, "references": {"reference_data": [{"name": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2021-0001", "refsource": "MISC", "url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2021-0001"}, {"name": "https://www.zerodayinitiative.com/advisories/ZDI-21-466/", "refsource": "MISC", "url": "https://www.zerodayinitiative.com/advisories/ZDI-21-466/"}, {"name": "https://www.zerodayinitiative.com/advisories/ZDI-21-1070/", "refsource": "MISC", "url": "https://www.zerodayinitiative.com/advisories/ZDI-21-1070/"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-03T20:40:46.892Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2021-0001"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://www.zerodayinitiative.com/advisories/ZDI-21-466/"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://www.zerodayinitiative.com/advisories/ZDI-21-1070/"}]}]}, "cveMetadata": {"assignerOrgId": "7e40ea87-bc65-4944-9723-dd79dd760601", "assignerShortName": "autodesk", "cveId": "CVE-2021-27030", "datePublished": "2021-04-19T15:10:21", "dateReserved": "2021-02-09T00:00:00", "dateUpdated": "2024-08-03T20:40:46.892Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:autodesk:fbx_review:*:*:*:*:*:*:*:*", "matchCriteriaId": "F59286B6-7D60-4BDC-8528-5D9446997E6C", "versionEndIncluding": "1.5.0", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "A user may be tricked into opening a malicious FBX file which may exploit a Directory Traversal Remote Code Execution vulnerability in FBX\u2019s Review causing it to run arbitrary code on the system."}, {"lang": "es", "value": "Un usuario puede ser enga\u00f1ado para abrir un archivo FBX malicioso que puede explotar una vulnerabilidad de Ejecuci\u00f3n de C\u00f3digo Remota Salto de Directorio en Review de FBX, causando que se ejecute un c\u00f3digo arbitrario en el sistema"}], "id": "CVE-2021-27030", "lastModified": "2024-11-21T05:57:12.723", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0"}, "exploitabilityScore": 8.6, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2021-04-19T16:15:13.183", "references": [{"source": "psirt@autodesk.com", "tags": ["Vendor Advisory"], "url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2021-0001"}, {"source": "psirt@autodesk.com", "tags": ["Third Party Advisory", "VDB Entry"], "url": "https://www.zerodayinitiative.com/advisories/ZDI-21-1070/"}, {"source": "psirt@autodesk.com", "tags": ["Third Party Advisory", "VDB Entry"], "url": "https://www.zerodayinitiative.com/advisories/ZDI-21-466/"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2021-0001"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory", "VDB Entry"], "url": "https://www.zerodayinitiative.com/advisories/ZDI-21-1070/"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory", "VDB Entry"], "url": "https://www.zerodayinitiative.com/advisories/ZDI-21-466/"}], "sourceIdentifier": "psirt@autodesk.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-22"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{}