CVE-2021-41152

7.7 HIGH

📋 TL;DR

CVE-2021-41152 is a path traversal vulnerability in OpenOlat that allows authenticated users to read arbitrary files on the server by manipulating HTTP requests in the folder component. The vulnerability affects OpenOlat versions before 15.5.8 and 16.0.1, requiring either a user account or enabled guest access with folder component usage.

💻 Affected Systems

Products:
  • OpenOlat
Versions: All versions before 15.5.8 and 16.0.1
Operating Systems: All platforms running OpenOlat
Default Config Vulnerable: ⚠️ Yes
Notes: Requires folder component usage in a course and either authenticated user or enabled guest access

⚠️ Risk & Real-World Impact

🔴 Worst Case

An attacker could read sensitive system files, configuration files, or database credentials, potentially leading to full system compromise if privileged files are accessible.

🟠 Likely Case

Attackers with valid accounts could read OpenOlat configuration files, user data, or other web-accessible files, potentially enabling further attacks or data exfiltration.

🟢 If Mitigated

With proper file permissions and application server user restrictions, impact is limited to files within the web root or specific accessible directories.

🌐 Internet-Facing: HIGH
🏢 Internal Only: MEDIUM

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: LIKELY
Unauthenticated Exploit: ✅ No
Complexity: LOW

Exploitation requires HTTP request manipulation but is straightforward for attackers with valid credentials.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: 15.5.8 or 16.0.1

Vendor Advisory: https://github.com/OpenOLAT/OpenOLAT/security/advisories/GHSA-m8j5-837g-2p3f

Restart Required: Yes

Instructions:

1. Backup your OpenOlat installation and database.
2. Download OpenOlat version 15.5.8 or 16.0.1 from the official repository.
3. Replace the existing installation with the patched version.
4. Restart the application server.
5. Verify the fix by checking the version.

🧯 If You Can't Patch

  • Restrict file system permissions for the application server user to minimal required directories
  • Disable guest user access and monitor for suspicious file access patterns

🔍 How to Verify

Check if Vulnerable:

Check OpenOlat version via admin interface or by examining the installation directory for version files

Check Version:

Check the WEB-INF/lib directory for openolat-core-*.jar version or use admin interface

Verify Fix Applied:

Verify the version is 15.5.8 or higher for 15.x branch, or 16.0.1 or higher for 16.x branch

📡 Detection & Monitoring

Log Indicators:

  • Unusual file access patterns in web server logs
  • Requests with path traversal sequences (../) to folder component endpoints

Network Indicators:

  • HTTP requests containing path traversal sequences to /olat/ folder component URLs

SIEM Query:

web.url:*../* AND web.url:*folder* AND web.url:*olat*
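The SIEM query above only matches literal `../`; a log scanner that percent-decodes the URL first also catches encoded variants (`%2e%2e%2f`, `..%2f`, double-encoded). The following is an added example, not code from the advisory or from OpenOlat: the access-log lines are constructed, and the URL paths are placeholders rather than OpenOlat's real folder component endpoint layout, so the match is on the `/olat/` prefix and the `folder` substring, as in the query above.

```python
import re
from urllib.parse import unquote

# Constructed sample access-log lines (common log format); not real traffic.
# Paths are placeholders, not OpenOlat's actual folder component URL layout.
SAMPLE_LOGS = [
    '10.0.0.5 - - [01/Nov/2021:10:00:01 +0000] "GET /olat/course/folder/report.pdf HTTP/1.1" 200 5120',
    '10.0.0.7 - - [01/Nov/2021:10:00:02 +0000] "GET /olat/course/folder/../../../../etc/passwd HTTP/1.1" 200 1840',
    '10.0.0.7 - - [01/Nov/2021:10:00:03 +0000] "GET /olat/course/folder/%2e%2e%2f%2e%2e%2fWEB-INF/web.xml HTTP/1.1" 200 2900',
    '10.0.0.9 - - [01/Nov/2021:10:00:04 +0000] "GET /olat/dmz/ HTTP/1.1" 200 3000',
    '10.0.0.9 - - [01/Nov/2021:10:00:05 +0000] "GET /other/app/folder/..%2f..%2fconfig HTTP/1.1" 404 120',
]

# Extracts the request line; the client IP is the first field of the log line.
REQUEST_RE = re.compile(r'"(?P<method>[A-Z]+) (?P<url>\S+) HTTP/[\d.]+"')
# A ".." segment bounded by path separators (or string start/end).
TRAVERSAL_RE = re.compile(r'(^|[/\\])\.\.([/\\]|$)')


def normalize_url(url: str) -> str:
    """Decode percent-encoding twice (catches double encoding) and unify slashes."""
    decoded = unquote(unquote(url))
    return decoded.replace('\\', '/')


def is_suspicious(url: str) -> bool:
    """True if the request targets an /olat/ folder URL and contains a traversal segment."""
    path = normalize_url(url).split('?', 1)[0]
    lowered = path.lower()
    return ('/olat/' in lowered
            and 'folder' in lowered
            and TRAVERSAL_RE.search(path) is not None)


def scan_logs(lines):
    """Return (client_ip, raw_url) for every log line that matches the indicator."""
    hits = []
    for line in lines:
        m = REQUEST_RE.search(line)
        if not m:
            continue
        url = m.group('url')
        if is_suspicious(url):
            hits.append((line.split(' ', 1)[0], url))
    return hits


if __name__ == "__main__":
    for client, url in scan_logs(SAMPLE_LOGS):
        print(f"traversal attempt from {client}: {url}")
```

Repeated hits from one client against folder URLs are the pattern worth alerting on; a single hit may be a broken link, so correlate with the account or session in the OpenOlat logs before acting.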
