CVE-2021-45456

Apache kylin checks the legitimacy of the project before executing some commands with the project name passed in by the user. There is a mismatch between what is being checked and what is being used as the shell command argument in DiagnosisService. This may cause an illegal project name to pass the check and perform the following steps, resulting in a command injection vulnerability. This issue affects Apache Kylin 4.0.0.

CVSS v3 9.8 CRITICAL
CVSS v2.0 7.5 HIGH

9.8^/10

CVSS v3 : CRITICAL

Vector :

Exploitability : 3.9 / Impact : 5.9

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact HIGH

Scope UNCHANGED

7.5^/10

CVSS v2.0 : HIGH

Vector : AV:N/AC:L/Au:N/C:P/I:P/A:P

Exploitability : 10.0 / Impact : 6.4

Access Vector NETWORK

Access Complexity LOW

Authentication NONE

Confidentiality Impact PARTIAL

Integrity Impact PARTIAL

Availability Impact PARTIAL

References

Link	Resource
http://www.openwall.com/lists/oss-security/2022/01/06/1	Mailing List Third Party Advisory
https://lists.apache.org/thread/70fkf9w1swt2cqdcz13rwfjvblw1fcpf	Mailing List Vendor Advisory
http://www.openwall.com/lists/oss-security/2022/01/06/1	Mailing List Third Party Advisory
https://lists.apache.org/thread/70fkf9w1swt2cqdcz13rwfjvblw1fcpf	Mailing List Vendor Advisory

Configurations

Configuration 1 (hide)

OR	cpe:2.3:a:apache:kylin:4.0.0:-::::::
	cpe:2.3:a:apache:kylin:4.0.0:alpha::::::
	cpe:2.3:a:apache:kylin:4.0.0:beta::::::

History

21 Nov 2024, 06:32

Type	Values Removed	Values Added
References	~~() http://www.openwall.com/lists/oss-security/2022/01/06/1 - Mailing List, Third Party Advisory~~	() http://www.openwall.com/lists/oss-security/2022/01/06/1 - Mailing List, Third Party Advisory
References	~~() https://lists.apache.org/thread/70fkf9w1swt2cqdcz13rwfjvblw1fcpf - Mailing List, Vendor Advisory~~	() https://lists.apache.org/thread/70fkf9w1swt2cqdcz13rwfjvblw1fcpf - Mailing List, Vendor Advisory

Information

Published : 2022-01-06 13:15

Updated : 2024-11-21 06:32

NVD link : CVE-2021-45456

Mitre link : CVE-2021-45456

CVE.ORG link : CVE-2021-45456

JSON object : View

Products Affected

apache

kylin

CWE

CWE-77

Improper Neutralization of Special Elements used in a Command ('Command Injection')

{"id": "CVE-2021-45456", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 7.5, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "authentication": "NONE", "integrityImpact": "PARTIAL", "accessComplexity": "LOW", "availabilityImpact": "PARTIAL", "confidentialityImpact": "PARTIAL"}, "acInsufInfo": false, "impactScore": 6.4, "baseSeverity": "HIGH", "obtainAllPrivilege": false, "exploitabilityScore": 10.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}], "cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 9.8, "attackVector": "NETWORK", "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 3.9}]}, "published": "2022-01-06T13:15:08.227", "references": [{"url": "http://www.openwall.com/lists/oss-security/2022/01/06/1", "tags": ["Mailing List", "Third Party Advisory"], "source": "security@apache.org"}, {"url": "https://lists.apache.org/thread/70fkf9w1swt2cqdcz13rwfjvblw1fcpf", "tags": ["Mailing List", "Vendor Advisory"], "source": "security@apache.org"}, {"url": "http://www.openwall.com/lists/oss-security/2022/01/06/1", "tags": ["Mailing List", "Third Party Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://lists.apache.org/thread/70fkf9w1swt2cqdcz13rwfjvblw1fcpf", "tags": ["Mailing List", "Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-77"}]}], "descriptions": [{"lang": "en", "value": "Apache kylin checks the legitimacy of the project before executing some commands with the project name passed in by the user. There is a mismatch between what is being checked and what is being used as the shell command argument in DiagnosisService. This may cause an illegal project name to pass the check and perform the following steps, resulting in a command injection vulnerability. This issue affects Apache Kylin 4.0.0."}, {"lang": "es", "value": "Apache kylin comprueba la legitimidad del proyecto antes de ejecutar algunos comandos con el nombre del proyecto pasado por el usuario. Se presenta un desajuste entre lo que es comprobado y lo que es usado como argumento del comando del shell en DiagnosisService. Esto puede causar que un nombre de proyecto ilegal pase la comprobaci\u00f3n y lleve a cabo los siguientes pasos, resultando en una vulnerabilidad de inyecci\u00f3n de comandos. Este problema afecta a Apache Kylin 4.0.0."}], "lastModified": "2024-11-21T06:32:14.673", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:apache:kylin:4.0.0:-:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A9ED56E6-4BD6-410A-894C-350295DB8443"}, {"criteria": "cpe:2.3:a:apache:kylin:4.0.0:alpha:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "7CBD3E44-4EB4-474D-911C-3C1ED9061DCE"}, {"criteria": "cpe:2.3:a:apache:kylin:4.0.0:beta:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "BE87BCCF-8188-44F3-A727-808A8D6C45B9"}], "operator": "OR"}]}], "sourceIdentifier": "security@apache.org"}