Lucene search

GitHub Advisory DatabaseGHSA-5XQM-HC45-F2G2

HistoryNov 22, 2023 - 3:30 a.m.

APM Java Agent Local Privilege Escalation issue

2023-11-2203:30:19

CWE-269

GitHub Advisory Database

github.com

apm java agent

local privilege escalation

malicious plugin

application security

code execution

7.8 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

7.7 High

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

5.1%

JSON

A local privilege escalation issue was found with the APM Java agent, where a user on the system could attach a malicious plugin to an application running the APM Java agent. By using this vulnerability, an attacker could execute code at a potentially higher level of permissions than their user typically has access to.

Affected configurations

Vulners

Node

mavenapm-agent-parentRange<1.27.1

CPENameOperatorVersion
co.elastic.apm:apm-agent-parentlt1.27.1

CPE	Name	Operator	Version
	co.elastic.apm:apm-agent-parent	lt	1.27.1

References

discuss.elastic.co/t/apm-java-agent-security-update/291355

github.com/advisories/GHSA-5xqm-hc45-f2g2

nvd.nist.gov/vuln/detail/CVE-2021-37942

www.elastic.co/community/security

7.8 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

7.7 High

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

5.1%

JSON

Related for GHSA-5XQM-HC45-F2G2