MuleSoft is aware of a Remote Code Execution vulnerability affecting certain versions of a Mule runtime component that may affect both CloudHub and on-premise customers. Versions affected: Mule 4.1.x and 4.2.x runtime released before February 2, 2021.
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:HSalesforce Mule
APPSalesforce4.1.0 – 4.2.2
🔵
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
Tags
RCE
Related vulnerabilities
CVE-2021-1627CRITICAL9.8ten sam produkt
MuleSoft is aware of a Server Side Request Forgery vulnerability affecting certain versions of a Mule runtime ...
CVE-2021-1628CRITICAL9.8ten sam produkt
MuleSoft is aware of a XML External Entity (XXE) vulnerability affecting certain versions of a Mule runtime co...
CVE-2021-1630HIGH7.5ten sam produkt
XML external entity (XXE) vulnerability affecting certain versions of a Mule runtime component that may affect...
CVE-2026-22582CRITICAL9.8PL ✓ten sam vendor
Argument Injection w Salesforce Marketing Cloud Engagement (MicrositeUrl)
CVE-2026-22583CRITICAL9.8PL ✓ten sam vendor
Argument Injection w Salesforce Marketing Cloud Engagement (CloudPagesUrl)