CVE-2021-1626: 
MuleSoft Mule vulnerability analysis and mitigation

A Remote Code Execution (RCE) vulnerability was identified in MuleSoft's Mule runtime component, affecting both CloudHub and on-premise customers. The vulnerability impacts Mule versions 4.1.x and 4.2.x runtime released before February 2, 2021. This vulnerability was assigned CVE-2021-1626 and received a CVSS v3.1 base score of 9.8 (CRITICAL) (NVD).

The vulnerability has been assessed with a CVSS v3.1 base score of 9.8 (CRITICAL) with the vector string CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H, indicating network accessibility, low attack complexity, no privileges required, no user interaction needed, and high impact on confidentiality, integrity, and availability (NVD).

The vulnerability could allow remote attackers to execute arbitrary code on affected systems, potentially compromising both CloudHub and on-premise deployments. The critical CVSS score of 9.8 indicates severe potential impacts on system confidentiality, integrity, and availability (NVD).

Organizations using affected versions of Mule runtime (4.1.x and 4.2.x) released before February 2, 2021, should upgrade to a patched version. Specific details about the patched versions are available in the Salesforce security advisory (Salesforce Advisory).