CVE-2021-44042 - Vulnerability Details - OpenCVE

An issue was discovered in UiPath Assistant 21.4.4. User-controlled data supplied to the --process-start argument of the URI handler for uipath-assistant:// is not correctly encoded, resulting in attacker-controlled content being injected into the error message displayed (when the injected content does not match an existing process). A determined attacker could leverage this to execute JavaScript in the context of the Electron application.

No CVSS v4.0

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

No CVSS v3.0

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact Partial

Integrity Impact Partial

Availability Impact Partial

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Uipath	Assistant

Configuration 1 [-]

cpe:2.3:a:uipath:assistant:21.4.4:*:*:*:*:*:*:*

No data.

References

Link	Providers
https://docs.uipath.com/robot/docs/release-notes-2021-10-4
https://docs.uipath.com/robot/docs/uipath-assistant

History

No history.

MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2021-12-14T17:49:45

Updated: 2024-08-04T04:10:17.389Z

Reserved: 2021-11-19T00:00:00

Link: CVE-2021-44042

Vulnrichment

No data.

NVD

Status : Modified

Published: 2021-12-14T18:15:08.673

Modified: 2024-11-21T06:30:16.800

Link: CVE-2021-44042

Redhat

No data.

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "descriptions": [{"lang": "en", "value": "An issue was discovered in UiPath Assistant 21.4.4. User-controlled data supplied to the --process-start argument of the URI handler for uipath-assistant:// is not correctly encoded, resulting in attacker-controlled content being injected into the error message displayed (when the injected content does not match an existing process). A determined attacker could leverage this to execute JavaScript in the context of the Electron application."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2021-12-14T17:49:45", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"tags": ["x_refsource_MISC"], "url": "https://docs.uipath.com/robot/docs/uipath-assistant"}, {"tags": ["x_refsource_MISC"], "url": "https://docs.uipath.com/robot/docs/release-notes-2021-10-4"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2021-44042", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "An issue was discovered in UiPath Assistant 21.4.4. User-controlled data supplied to the --process-start argument of the URI handler for uipath-assistant:// is not correctly encoded, resulting in attacker-controlled content being injected into the error message displayed (when the injected content does not match an existing process). A determined attacker could leverage this to execute JavaScript in the context of the Electron application."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "https://docs.uipath.com/robot/docs/uipath-assistant", "refsource": "MISC", "url": "https://docs.uipath.com/robot/docs/uipath-assistant"}, {"name": "https://docs.uipath.com/robot/docs/release-notes-2021-10-4", "refsource": "MISC", "url": "https://docs.uipath.com/robot/docs/release-notes-2021-10-4"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-04T04:10:17.389Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://docs.uipath.com/robot/docs/uipath-assistant"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://docs.uipath.com/robot/docs/release-notes-2021-10-4"}]}]}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2021-44042", "datePublished": "2021-12-14T17:49:45", "dateReserved": "2021-11-19T00:00:00", "dateUpdated": "2024-08-04T04:10:17.389Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:uipath:assistant:21.4.4:*:*:*:*:*:*:*", "matchCriteriaId": "CD11C5A9-956F-4B98-8712-C3085A055EC3", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "An issue was discovered in UiPath Assistant 21.4.4. User-controlled data supplied to the --process-start argument of the URI handler for uipath-assistant:// is not correctly encoded, resulting in attacker-controlled content being injected into the error message displayed (when the injected content does not match an existing process). A determined attacker could leverage this to execute JavaScript in the context of the Electron application."}, {"lang": "es", "value": "Se ha detectado un problema en UiPath Assistant versi\u00f3n 21.4.4. Los datos controlados por el usuario suministrados al argumento --process-start del manejeador de URI para uipath-assistant:// no est\u00e1n codificados correctamente, resultando en que se inyecte contenido controlado por el atacante en el mensaje de error mostrado (cuando el contenido inyectado no coincide con un proceso existente). Un atacante determinado podr\u00eda aprovechar esto para ejecutar JavaScript en el contexto de la aplicaci\u00f3n Electron"}], "id": "CVE-2021-44042", "lastModified": "2024-11-21T06:30:16.800", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 7.5, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2021-12-14T18:15:08.673", "references": [{"source": "cve@mitre.org", "tags": ["Release Notes", "Vendor Advisory"], "url": "https://docs.uipath.com/robot/docs/release-notes-2021-10-4"}, {"source": "cve@mitre.org", "tags": ["Product"], "url": "https://docs.uipath.com/robot/docs/uipath-assistant"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Release Notes", "Vendor Advisory"], "url": "https://docs.uipath.com/robot/docs/release-notes-2021-10-4"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Product"], "url": "https://docs.uipath.com/robot/docs/uipath-assistant"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-116"}], "source": "nvd@nist.gov", "type": "Primary"}]}