Unrated severityCISA KEVNVD Advisory· Published Nov 5, 2021· Updated Oct 21, 2025
CVE-2021-42237
CVE-2021-42237
Description
Sitecore XP 7.5 Initial Release to Sitecore XP 8.2 Update-7 is vulnerable to an insecure deserialization attack where it is possible to achieve remote command execution on the machine. No authentication or special configuration is required to exploit this vulnerability.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- Sitecore/Sitecore XPdescription
- Range: >=7.5 Initial Release <=8.2 Update-7
Patches
Vulnerability mechanics
References
4- packetstormsecurity.com/files/164988/Sitecore-Experience-Platform-XP-Remote-Code-Execution.htmlmitrex_refsource_MISC
- sitecore.commitrex_refsource_MISC
- blog.assetnote.io/2021/11/02/sitecore-rce/mitrex_refsource_MISC
- support.sitecore.com/kbmitrex_refsource_MISC
News mentions
0No linked articles in our index yet.