CVE-2021-37941

EPSS 0.03%
Veröffentlicht 08.12.2021 22:15:08
Zuletzt bearbeitet 21.11.2024 06:16:07
Quelle bressers@elastic.co
Teams Watchlist Login
Unerledigt Login

A local privilege escalation issue was found with the APM Java agent, where a user on the system could attach a malicious file to an application running with the APM Java agent. Using this vector, a malicious or compromised user account could use the agent to run commands at a higher level of permissions than they possess. This vulnerability affects users that have set up the agent via the attacher cli 3, the attach API 2, as well as users that have enabled the profiling_inferred_spans_enabled option

Betroffene Produkte Warnungen 0 Metriken 3 CWE 1 Referenzen 4

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Elastic ≫ Apm Agent SwPlatformjava Version >= 1.10.0 <= 1.26.0

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.03%	0.061

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	7.8	1.8	5.9	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
nvd@nist.gov	4.4	3.4	6.4	AV:L/AC:M/Au:N/C:P/I:P/A:P

CWE-269 Improper Privilege Management

The product does not properly assign, modify, track, or check privileges for an actor, creating an unintended sphere of control for that actor.

https://discuss.elastic.co/t/apm-java-agent-security-update/289627

Vendor Advisory

https://nvd.nist.gov/vuln/detail/CVE-2021-37941

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2021-37941

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2021-37941

EUVD