Veracode Vulnerability Database: VERACODE:46583
Apr 23, 2024 - 6:54 a.m.

Privilege Escalation

2024-04-23 06:54:46
sca.analysiscenter.veracode.com
Tags: ant media server, privilege escalation, jmx, authentication, vulnerability, localhost, port 5599, unprivileged users, mlet bean, remote mbean, insecure configuration

CVSS3: 7.8 High

Attack Vector: LOCAL
Attack Complexity: LOW
Privileges Required: LOW
User Interaction: NONE
Scope: UNCHANGED
Confidentiality Impact: HIGH
Integrity Impact: HIGH
Availability Impact: HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

EPSS: 0.0004 Low
Percentile: 9.1%

Ant Media Server is vulnerable to privilege escalation. The vulnerability is caused by running Java Management Extensions (JMX) with authentication disabled on localhost on port 5599. This allows unprivileged users to connect locally and leverage the MLet bean within JMX to load a remote MBean from an attacker-controlled server. This insecure configuration could lead to privilege escalation to the root user.
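A defender-side check for the configuration described above, added here as an example and not taken from the advisory or from Ant Media Server: it audits a JVM command line for a JMX connector that has authentication or TLS switched off. The `com.sun.management.jmxremote.*` names are the standard JVM properties; the advisory does not state which flags Ant Media Server sets, so the sample command lines are constructed and only port 5599 comes from the page.

```python
import shlex

# Standard JVM system-property prefix for the built-in JMX agent.
BASE = "com.sun.management.jmxremote"

def jmx_settings(cmdline):
    """Return the jmxremote.* properties found on a JVM command line."""
    settings = {}
    for arg in shlex.split(cmdline):
        if arg.startswith("-D" + BASE):
            key, _, value = arg[2:].partition("=")
            suffix = key[len(BASE):].lstrip(".") or "enabled"
            settings[suffix] = value or "true"
    return settings

def audit(cmdline):
    """List findings for a JMX TCP connector with weak settings."""
    s = jmx_settings(cmdline)
    port = s.get("port")
    if port is None:
        return []  # no JMX TCP connector configured on this JVM
    findings = []
    # Both properties default to "true" once a port is set, so only an
    # explicit "false" is a finding. Binding to localhost does not help:
    # every local account can still reach the port.
    if s.get("authenticate", "true").lower() == "false":
        findings.append(f"JMX port {port}: authentication disabled")
    if s.get("ssl", "true").lower() == "false":
        findings.append(f"JMX port {port}: TLS disabled")
    return findings

# Constructed sample command lines (not captured from a real host).
SAMPLES = {
    "weak": "java -Dcom.sun.management.jmxremote.port=5599 "
            "-Dcom.sun.management.jmxremote.authenticate=false "
            "-Dcom.sun.management.jmxremote.ssl=false -jar server.jar",
    "hardened": "java -Dcom.sun.management.jmxremote.port=5599 "
                "-Dcom.sun.management.jmxremote.authenticate=true "
                "-Dcom.sun.management.jmxremote.password.file=/etc/app/jmx.password "
                "-jar server.jar",
    "no_jmx": "java -jar server.jar",
}

if __name__ == "__main__":
    for name, cmd in SAMPLES.items():
        print(name, audit(cmd) or "ok")
```

On a live host the same function can be fed the command lines of running Java processes, for example from `ps` output.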
