CVE-2021-44685

Git-it through 4.4.0 allows OS command injection at the Branches Aren't Just For Birds challenge step. During the verification process, it attempts to run the reflog command followed by the current branch name (which is not sanitized for execution).

CVSS v3 9.8 CRITICAL
CVSS v2.0 7.5 HIGH

9.8^/10

CVSS v3 : CRITICAL

Vector :

Exploitability : 3.9 / Impact : 5.9

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact HIGH

Scope UNCHANGED

7.5^/10

CVSS v2.0 : HIGH

Vector : AV:N/AC:L/Au:N/C:P/I:P/A:P

Exploitability : 10.0 / Impact : 6.4

Access Vector NETWORK

Access Complexity LOW

Authentication NONE

Confidentiality Impact PARTIAL

Integrity Impact PARTIAL

Availability Impact PARTIAL

References

Link	Resource
https://github.com/dwisiswant0/advisory/issues/3	Exploit Issue Tracking Third Party Advisory
https://github.com/jlord/git-it-electron/releases	Release Notes Third Party Advisory

Configurations

Configuration 1 (hide)

cpe:2.3:a:git-it_project:git-it:*:*:*:*:*:*:*:*

History

No history.

Information

Published : 2021-12-07 00:15

Updated : 2024-02-28 18:48

NVD link : CVE-2021-44685

Mitre link : CVE-2021-44685

CVE.ORG link : CVE-2021-44685

JSON object : View

Products Affected

git-it_project

git-it

CWE

CWE-78

Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')

{"id": "CVE-2021-44685", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 7.5, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "authentication": "NONE", "integrityImpact": "PARTIAL", "accessComplexity": "LOW", "availabilityImpact": "PARTIAL", "confidentialityImpact": "PARTIAL"}, "acInsufInfo": false, "impactScore": 6.4, "baseSeverity": "HIGH", "obtainAllPrivilege": false, "exploitabilityScore": 10.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}], "cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 9.8, "attackVector": "NETWORK", "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 3.9}]}, "published": "2021-12-07T00:15:08.043", "references": [{"url": "https://github.com/dwisiswant0/advisory/issues/3", "tags": ["Exploit", "Issue Tracking", "Third Party Advisory"], "source": "cve@mitre.org"}, {"url": "https://github.com/jlord/git-it-electron/releases", "tags": ["Release Notes", "Third Party Advisory"], "source": "cve@mitre.org"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-78"}]}], "descriptions": [{"lang": "en", "value": "Git-it through 4.4.0 allows OS command injection at the Branches Aren't Just For Birds challenge step. During the verification process, it attempts to run the reflog command followed by the current branch name (which is not sanitized for execution)."}, {"lang": "es", "value": "Git-it versiones hasta 4.4.0, permite una inyecci\u00f3n de comandos del sistema operativo en el paso de desaf\u00edo Branches Aren't Just For Birds. Durante el proceso de verificaci\u00f3n, se intenta ejecutar el comando reflog seguido del nombre de la rama actual (que no est\u00e1 desinfectado para su ejecuci\u00f3n)"}], "lastModified": "2021-12-08T13:13:48.757", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:git-it_project:git-it:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "DBDE9254-C244-4B34-9CCB-467059E3AC0C", "versionEndIncluding": "4.4.0"}], "operator": "OR"}]}], "sourceIdentifier": "cve@mitre.org"}