Lucene search
China National Vulnerability DatabaseCNVD-2021-67650HistorySep 01, 2021 - 12:00 a.m.
Rundeck Cross-Site Request Forgery Vulnerability
2021-09-0100:00:00
China National Vulnerability Database
www.cnvd.org.cn
8
rundeck
cross-site request forgery
vulnerability
automation
web console
webapi
csrf attacks
untrusted code
security document
EPSS
0.001
Percentile
37.0%
Rundeck is an open source automation service with a web console, command line tools and WebAPI from Rundeck, Inc. that is primarily used to run automation tasks. a cross-site request forgery vulnerability exists in Rundeck, which stems from the fact that users with access to the "system" resource type may be vulnerable to CSRF attacks, which could lead to server to run untrusted code on all Rundeck versions. No details of the vulnerability are currently available.
Related
cvelist
cvelist
prion
prion
Cross site request forgery (csrf)
2021-08-30 20:15:00
veracode
veracode
Cross-Site Request Forgery (CSRF)
2021-08-31 03:39:43
cve
cve
CVE-2021-39133
2021-08-30 20:15:07
github
github
Cross-Site Request Forgery (CSRF) can run untrusted code on Rundeck server
2021-09-01 18:26:48
osv
osv
CVE-2021-39133
2021-08-30 20:15:07
Cross-Site Request Forgery (CSRF) can run untrusted code on Rundeck server
2021-09-01 18:26:48
nvd
nvd
CVE-2021-39133
2021-08-30 20:15:07