CVE-2021-41381

7.5 HIGH

📋 TL;DR

CVE-2021-41381 is a directory traversal vulnerability in Payara Micro Community that allows attackers to read arbitrary files on the server filesystem. This affects Payara Micro Community version 5.2021.6 and below. Organizations using these vulnerable versions are at risk of sensitive data exposure.

💻 Affected Systems

Products:
  • Payara Micro Community
Versions: 5.2021.6 and below
Operating Systems: All operating systems running Payara Micro
Default Config Vulnerable: ⚠️ Yes
Notes: All deployments using affected versions are vulnerable regardless of configuration.

⚠️ Risk & Real-World Impact

🔴 Worst Case

Complete server compromise through reading sensitive configuration files, credentials, or private keys leading to further system exploitation.

🟠 Likely Case

Unauthorized access to sensitive files containing application data, configuration details, or system information.

🟢 If Mitigated

Limited impact with proper file permissions and network segmentation preventing access to critical system files.

🌐 Internet-Facing: HIGH - Directory traversal vulnerabilities on internet-facing systems are frequently targeted and can lead to significant data breaches.
🏢 Internal Only: MEDIUM - Internal attackers could still exploit this to access sensitive files, though attack surface is reduced.

🎯 Exploit Status

Public PoC: ⚠️ Yes
Weaponized: CONFIRMED
Unauthenticated Exploit: ⚠️ Yes
Complexity: LOW

Multiple public exploit scripts and proof-of-concepts are available, making exploitation trivial for attackers.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: 5.2021.7 and above

Vendor Advisory: https://docs.payara.fish/community/docs/Release%20Notes/Release%20Notes%205.2021.7.html

Restart Required: Yes

Instructions:

1. Download Payara Micro Community version 5.2021.7 or later from the official Payara website.
2. Stop the current Payara Micro instance.
3. Replace it with the patched version.
4. Restart the application server.

🔧 Temporary Workarounds

Web Application Firewall (WAF) Rules

all

Implement WAF rules to block directory traversal patterns in HTTP requests

File Permission Restrictions

linux

Run Payara Micro with minimal file system permissions to limit accessible directories

chmod 750 /path/to/payara/data
chown payara:payara /path/to/payara

🧯 If You Can't Patch

  • Implement strict network segmentation to isolate Payara Micro instances from sensitive systems
  • Deploy a reverse proxy with request filtering to block directory traversal patterns

🔍 How to Verify

Check if Vulnerable:

Check Payara Micro version using the admin console or by examining server startup logs for version information

Check Version:

java -jar payara-micro.jar --version

Verify Fix Applied:

After patching, attempt directory traversal using known POC scripts to confirm they no longer work

📡 Detection & Monitoring

Log Indicators:

  • HTTP requests containing '../' patterns
  • Unusual file access patterns in application logs
  • Failed file access attempts outside expected directories

Network Indicators:

  • HTTP requests with encoded directory traversal sequences
  • Multiple failed file access attempts from single source

SIEM Query:

source="payara.log" AND ("../" OR "..\\" OR "%2e%2e%2f" OR "%252e%252e%252f")
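As an added example (not part of this advisory and not Payara's own tooling), the following Python script applies the log indicators above to a few constructed access-log lines: it percent-decodes each request path repeatedly (bounded) so double-encoded sequences such as the `%252e%252e%252f` in the SIEM query are collapsed to `../`, unifies backslashes with forward slashes, flags any path containing a parent-directory segment, and counts hits per source address for the "multiple attempts from a single source" indicator. The log lines, addresses and Common Log Format layout are constructed assumptions; Payara's real access-log format may differ, so adjust `LOG_RE` before running it over production logs.

```python
import re
from urllib.parse import unquote

# Constructed sample access-log lines in Common Log Format; not real Payara output.
SAMPLE_LOG = """\
10.0.0.5 - - [20/Sep/2021:10:01:02 +0000] "GET /index.html HTTP/1.1" 200 512
10.0.0.9 - - [20/Sep/2021:10:01:05 +0000] "GET /%2e%2e/%2e%2e/etc/passwd HTTP/1.1" 200 1700
10.0.0.9 - - [20/Sep/2021:10:01:06 +0000] "GET /%252e%252e/%252e%252e/etc/shadow HTTP/1.1" 403 0
10.0.0.7 - - [20/Sep/2021:10:01:09 +0000] "GET /app/..\\..\\win.ini HTTP/1.1" 404 0
10.0.0.3 - - [20/Sep/2021:10:01:10 +0000] "GET /docs/a..b.html HTTP/1.1" 200 300
"""

# Assumed log layout: source, ident, user, [timestamp], "METHOD path PROTO", status, ...
LOG_RE = re.compile(
    r'^(?P<src>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>\S+) (?P<path>\S+) [^"]*" (?P<status>\d{3})'
)

# A ".." segment bounded by slashes (or path start/end); "a..b" does not match.
TRAVERSAL_RE = re.compile(r'(^|/)\.\.(/|$)')


def normalize_path(raw, rounds=3):
    """Percent-decode repeatedly (bounded) so double-encoded sequences such as
    %252e%252e%252f collapse to '../', then turn backslashes into '/'."""
    path = raw
    for _ in range(rounds):
        decoded = unquote(path)
        if decoded == path:
            break
        path = decoded
    return path.replace("\\", "/")


def is_traversal(raw_path):
    """True when the normalized request path contains a parent-directory segment."""
    return TRAVERSAL_RE.search(normalize_path(raw_path)) is not None


def scan_log(text):
    """Return (source, status, raw_path) for every request flagged as traversal.
    Both successful (2xx) and failed (4xx) attempts are reported, matching the
    'failed file access attempts' indicator above."""
    hits = []
    for line in text.splitlines():
        m = LOG_RE.match(line)
        if not m:
            continue  # unparsable line; a real pipeline would count these
        if is_traversal(m.group("path")):
            hits.append((m.group("src"), int(m.group("status")), m.group("path")))
    return hits


def sources_by_count(hits):
    """Aggregate flagged requests per source address."""
    counts = {}
    for src, _, _ in hits:
        counts[src] = counts.get(src, 0) + 1
    return counts


if __name__ == "__main__":
    found = scan_log(SAMPLE_LOG)
    for src, status, path in found:
        print(f"{src} status={status} path={path}")
    print("per-source:", sources_by_count(found))
```

The bounded decode loop is the point of the example: a single-pass match on the literal string `../` misses `%2e%2e/`, and a single decode misses `%252e%252e/`; matching on the fully normalized path catches both without having to enumerate every encoding in the query.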
