GitHub Advisory DatabaseGHSA-RPC6-H455-3RX5Celery local privilege escalation vulnerability
CVSS2
Attack Vector
LOCAL
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:M/Au:N/C:C/I:C/A:C
AI Score
Confidence
Low
EPSS
Percentile
5.1%
Celery 2.1 and 2.2 before 2.2.8, 2.3 before 2.3.4, and 2.4 before 2.4.4 changes the effective id but not the real id during processing of the --uid and --gid arguments to celerybeat, celeryd_detach, celeryd-multi, and celeryev, which allows local users to gain privileges via vectors involving crafted code that is executed by the worker process.
Affected configurations
| Vendor | Product | Version | CPE |
|---|---|---|---|
| celeryproject | celery | * | cpe:2.3:a:celeryproject:celery:*:*:*:*:*:*:*:* |
References
github.com/advisories/GHSA-rpc6-h455-3rx5
github.com/celery/celery/blob/master/docs/sec/CELERYSA-0001.txt
github.com/celery/celery/commit/53514b158b743678d8993638be5920cd09ccc35c
github.com/celery/celery/commit/73388921731a0e6feb28ab0d389c4f7dc4d524f6
github.com/celery/celery/commit/e0767e40994754fe8482bf4ff622c5c6d0b9f671
github.com/celery/celery/pull/544
github.com/pypa/advisory-database/tree/main/vulns/celery/PYSEC-2011-17.yaml
nvd.nist.gov/vuln/detail/CVE-2011-4356
web.archive.org/web/20140722114447/secunia.com/advisories/46973
web.archive.org/web/20200305001706/www.securityfocus.com/bid/50825
Related
CVSS2
Attack Vector
LOCAL
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:M/Au:N/C:C/I:C/A:C
AI Score
Confidence
Low
EPSS
Percentile
5.1%