Lucene search

GovTech CSGCVELIST:CVE-2021-42855

HistoryMar 09, 2022 - 4:51 p.m.

CVE-2021-42855 Local privilege escalation due to misconfigured write permission on .debug_command.config file

2022-03-0916:51:38

CWE-284

GovTech CSG

www.cve.org

cve-2021-42855

steelcentral appinternals dynamic sampling agent

misconfigured write permission

CVSS3

7.8

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

AI Score

7.9

Confidence

High

EPSS

Percentile

12.6%

JSON

It was discovered that the SteelCentral AppInternals Dynamic Sampling Agent (DSA) uses the “.debug_command.config” file to store a json string that contains a list of IDs and pre-configured commands. The config file is subsequently used by the “/api/appInternals/1.0/agent/configuration” API to map the corresponding ID to a command to be executed.

CNA Affected

[
  {
    "product": "SteelCentral AppInternals Dynamic Sampling Agent",
    "vendor": "Aternity",
    "versions": [
      {
        "status": "affected",
        "version": "10.x"
      },
      {
        "lessThan": "12.13.0",
        "status": "affected",
        "version": "12.13.0",
        "versionType": "custom"
      },
      {
        "lessThan": "11.8.8",
        "status": "affected",
        "version": "11.8.8",
        "versionType": "custom"
      }
    ]
  }
]

References

aternity.force.com/customersuccess/s/article/Local-privilege-escalation-due-to-misconfigured-write-permission-on-debug-command-config-file-CVE-2021-42855

CVSS3

7.8

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

AI Score

7.9

Confidence

High

EPSS

Percentile

12.6%

JSON

Related for CVELIST:CVE-2021-42855