CVE-2021-37942

A local privilege escalation issue was found with the APM Java agent, where a user on the system could attach a malicious plugin to an application running the APM Java agent. By using this vulnerability, an attacker could execute code at a potentially higher level of permissions than their user typically has access to.

CVSS v3 7.0 HIGH

7.0^/10

CVSS v3 : HIGH

Vector :

Exploitability : 1.0 / Impact : 5.9

Attack Vector LOCAL

Attack Complexity HIGH

Privileges Required LOW

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact HIGH

Scope UNCHANGED

References

Link	Resource
https://discuss.elastic.co/t/apm-java-agent-security-update/291355	Vendor Advisory
https://www.elastic.co/community/security	Product
https://discuss.elastic.co/t/apm-java-agent-security-update/291355	Vendor Advisory
https://www.elastic.co/community/security	Product

Configurations

Configuration 1 (hide)

cpe:2.3:a:elastic:apm_java_agent:*:*:*:*:*:*:*:*

History

21 Nov 2024, 06:16

Type	Values Removed	Values Added
CVSS	v2 : ~~unknown~~ v3 : ~~7.8~~	v2 : unknown v3 : 7.0
References	~~() https://discuss.elastic.co/t/apm-java-agent-security-update/291355 - Vendor Advisory~~	() https://discuss.elastic.co/t/apm-java-agent-security-update/291355 - Vendor Advisory
References	~~() https://www.elastic.co/community/security - Product~~	() https://www.elastic.co/community/security - Product

30 Nov 2023, 19:33

Type	Values Removed	Values Added
CPE		cpe:2.3:a:elastic:apm_java_agent::::::::
CVSS	v2 : ~~unknown~~ v3 : ~~unknown~~	v2 : unknown v3 : 7.8
CWE		NVD-CWE-noinfo
References	~~() https://www.elastic.co/community/security -~~	() https://www.elastic.co/community/security - Product
References	~~() https://discuss.elastic.co/t/apm-java-agent-security-update/291355 -~~	() https://discuss.elastic.co/t/apm-java-agent-security-update/291355 - Vendor Advisory

22 Nov 2023, 03:36

Type	Values Removed	Values Added
New CVE

Information

Published : 2023-11-22 02:15

Updated : 2024-11-21 06:16

NVD link : CVE-2021-37942

Mitre link : CVE-2021-37942

CVE.ORG link : CVE-2021-37942

JSON object : View

Products Affected

elastic

apm_java_agent

CWE

CWE-269

Improper Privilege Management

NVD-CWE-noinfo

{"id": "CVE-2021-37942", "metrics": {"cvssMetricV31": [{"type": "Secondary", "source": "bressers@elastic.co", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.0, "attackVector": "LOCAL", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "HIGH", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 1.0}, {"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.8, "attackVector": "LOCAL", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 1.8}]}, "published": "2023-11-22T02:15:42.220", "references": [{"url": "https://discuss.elastic.co/t/apm-java-agent-security-update/291355", "tags": ["Vendor Advisory"], "source": "bressers@elastic.co"}, {"url": "https://www.elastic.co/community/security", "tags": ["Product"], "source": "bressers@elastic.co"}, {"url": "https://discuss.elastic.co/t/apm-java-agent-security-update/291355", "tags": ["Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://www.elastic.co/community/security", "tags": ["Product"], "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Secondary", "source": "bressers@elastic.co", "description": [{"lang": "en", "value": "CWE-269"}]}, {"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "NVD-CWE-noinfo"}]}], "descriptions": [{"lang": "en", "value": "A local privilege escalation issue was found with the APM Java agent, where a user on the system could attach a malicious plugin to an application running the APM Java agent. By using this vulnerability, an attacker could execute code at a potentially higher level of permissions than their user typically has access to."}, {"lang": "es", "value": "Se encontr\u00f3 un problema de escalada de privilegios local con APM Java Agent, donde un usuario del sistema pod\u00eda adjuntar un complemento malicioso a una aplicaci\u00f3n que ejecutaba APM Java Agent. Al utilizar esta vulnerabilidad, un atacante podr\u00eda ejecutar c\u00f3digo con un nivel de permisos potencialmente m\u00e1s alto del que normalmente tiene acceso su usuario."}], "lastModified": "2024-11-21T06:16:07.267", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:elastic:apm_java_agent:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "15C93E89-E721-4610-BB53-39D2D24F58CB", "versionEndIncluding": "1.27.0", "versionStartIncluding": "1.18.0"}], "operator": "OR"}]}], "sourceIdentifier": "bressers@elastic.co"}