CVE-2020-29441

7.2 HIGH

📋 TL;DR

This vulnerability allows unauthenticated attackers to upload arbitrary files to OutSystems Platform 10 instances. It affects organizations using OutSystems Platform 10 versions before 10.0.1019.0, potentially leading to denial of service, data corruption, or unauthorized access to uploaded files.

💻 Affected Systems

Products:
  • OutSystems Platform
Versions: All versions before 10.0.1019.0
Operating Systems: All supported platforms
Default Config Vulnerable: ⚠️ Yes
Notes: Specifically affects the Upload Widget component in OutSystems Platform 10 installations.

⚠️ Risk & Real-World Impact

🔴 Worst Case: Complete database space exhaustion causing system-wide denial of service, corruption of legitimate business data, and unauthorized access to sensitive uploaded files.

🟠 Likely Case: Database space consumption leading to service degradation or temporary unavailability, with potential for file system pollution.

🟢 If Mitigated: Minimal impact with proper file upload validation, authentication requirements, and monitoring in place.

🌐 Internet-Facing: HIGH
🏢 Internal Only: MEDIUM

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: LIKELY
Unauthenticated Exploit: ⚠️ Yes
Complexity: LOW

The vulnerability is straightforward to exploit as it requires no authentication and involves simple file upload operations.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: 10.0.1019.0

Vendor Advisory: https://success.outsystems.com/Support/Security/Vulnerabilities/Vulnerability_RPD-4310

Restart Required: Yes

Instructions:

1. Download OutSystems Platform 10.0.1019.0 or later from official sources.
2. Back up your current installation and database.
3. Apply the update following OutSystems upgrade procedures.
4. Restart the platform services.

🔧 Temporary Workarounds

Disable Upload Widget (all): Temporarily disable or remove the vulnerable Upload Widget component from applications.

Implement WAF Rules (all): Configure web application firewall rules to block suspicious file upload patterns.

🧯 If You Can't Patch

  • Implement strict file type validation and size limits on all upload endpoints
  • Require authentication for all file upload operations and implement rate limiting

🔍 How to Verify

Check if Vulnerable:

Check the OutSystems Platform version in Service Center and compare it against 10.0.1019.0; any earlier Platform 10 version is affected.

Check Version:

Check Service Center dashboard or review installation logs for version information.

Verify Fix Applied:

Verify that the installed version is 10.0.1019.0 or later, then confirm that unauthenticated file upload attempts through the Upload Widget are rejected.

📡 Detection & Monitoring

Log Indicators:

  • Unusual volume of file upload requests
  • Uploads of unexpected file types or sizes
  • Failed authentication attempts on upload endpoints

Network Indicators:

  • High volume of POST requests to upload endpoints
  • Large file uploads from unauthenticated sources

SIEM Query:

source="outsystems" AND (event="file_upload" OR url_path="*upload*") AND user="anonymous" AND file_size>1000000
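The following Python is an added example, not part of the original advisory and not OutSystems code: it applies the conditions of the SIEM query above (source, upload event or upload URL path, anonymous user, file size over 1,000,000 bytes) and the "unusual volume of file upload requests" indicator to constructed sample log records. The field names (`ts`, `src_ip`, etc.), the burst threshold and window, and the sample records are assumptions chosen for the example.

```python
"""Detection logic for the upload indicators, run over constructed sample events.

The field names mirror the SIEM query (source, event, url_path, user, file_size);
ts and src_ip are assumed extra fields. All records below are constructed for
this example and are not real OutSystems logs.
"""
from collections import defaultdict
from datetime import datetime, timedelta

SIZE_THRESHOLD = 1_000_000          # bytes, the same cutoff as the SIEM query
BURST_THRESHOLD = 5                 # uploads from one source IP within BURST_WINDOW
BURST_WINDOW = timedelta(minutes=1)  # assumed window for "unusual volume"

# Constructed sample records (not real log data).
SAMPLE_EVENTS = [
    {"ts": "2020-12-01T10:00:00", "source": "outsystems", "event": "file_upload",
     "url_path": "/App/Upload.aspx", "user": "alice", "file_size": 20_000,
     "src_ip": "10.0.0.5"},
    {"ts": "2020-12-01T10:00:05", "source": "outsystems", "event": "file_upload",
     "url_path": "/App/Upload.aspx", "user": "anonymous", "file_size": 8_000_000,
     "src_ip": "198.51.100.7"},
    {"ts": "2020-12-01T10:00:10", "source": "outsystems", "event": "file_upload",
     "url_path": "/App/Upload.aspx", "user": "anonymous", "file_size": 500_000,
     "src_ip": "198.51.100.7"},
    {"ts": "2020-12-01T10:01:00", "source": "outsystems", "event": "login",
     "url_path": "/App/Login.aspx", "user": "bob", "file_size": 0,
     "src_ip": "10.0.0.9"},
]
# Five anonymous uploads from one address within 40 seconds; the event field is
# generic here, so they match the query only through the "*upload*" path pattern.
SAMPLE_EVENTS += [
    {"ts": f"2020-12-01T10:05:{i * 10:02d}", "source": "outsystems",
     "event": "http_request", "url_path": "/App/UploadWidget.aspx",
     "user": "anonymous", "file_size": 2_000_000, "src_ip": "203.0.113.9"}
    for i in range(5)
]


def is_upload_event(rec):
    """source="outsystems" AND (event="file_upload" OR url_path="*upload*")."""
    if rec.get("source") != "outsystems":
        return False
    path = rec.get("url_path", "")
    return rec.get("event") == "file_upload" or "upload" in path.lower()


def large_anonymous_uploads(events):
    """Records matching the full SIEM query: anonymous user and oversized file."""
    return [
        r for r in events
        if is_upload_event(r)
        and r.get("user") == "anonymous"
        and r.get("file_size", 0) > SIZE_THRESHOLD
    ]


def upload_bursts(events):
    """Source IPs with >= BURST_THRESHOLD upload requests inside BURST_WINDOW.

    Uses a sliding window over the sorted timestamps per IP and returns the
    peak window count for each flagged IP.
    """
    per_ip = defaultdict(list)
    for r in events:
        if is_upload_event(r):
            per_ip[r["src_ip"]].append(datetime.fromisoformat(r["ts"]))

    flagged = {}
    for ip, times in per_ip.items():
        times.sort()
        start = 0
        for end in range(len(times)):
            while times[end] - times[start] > BURST_WINDOW:
                start += 1
            count = end - start + 1
            if count >= BURST_THRESHOLD:
                flagged[ip] = max(flagged.get(ip, 0), count)
    return flagged


def summarize(events):
    """Combined view of both indicators for a batch of log records."""
    return {
        "large_anonymous_uploads": len(large_anonymous_uploads(events)),
        "burst_sources": upload_bursts(events),
    }


if __name__ == "__main__":
    print(summarize(SAMPLE_EVENTS))
```

The size rule alone is what the SIEM query expresses; the burst rule covers the "unusual volume" indicator that a single-record query cannot, since many small uploads from one source consume database space just as effectively as one large one.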
