Lucene search
Veracode Vulnerability DatabaseVERACODE:33347HistoryDec 15, 2021 - 12:34 p.m.
Privilege Escalation
2021-12-1512:34:25
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
7
opencastproject
privilege escalation
authenticated attacker
local files
read access
vulnerability
EPSS
0.001
Percentile
50.1%
org.opencastproject:opencast-ingest-service-impl is vulnerable to privilege escalation. An authenticated attacker is able to extract secrets from the host machine via exploiting local files with read access resulting in privilege escalation vulnerability.
References
github.com/opencast/opencast/blob/69952463971cf578363e3b97d8edaf334ff51253/modules/ingest-service-impl/src/main/java/org/opencastproject/ingest/impl/IngestServiceImpl.java#L1587
github.com/opencast/opencast/commit/65c46b9d3e8f045c544881059923134571897764
github.com/opencast/opencast/security/advisories/GHSA-59g4-hpg3-3gcp
mvnrepository.com/artifact/org.opencastproject/opencast-ingest-service-impl
Related
prion
prion
Design/Logic Flaw
2021-12-14 20:15:00
osv
osv
CVE-2021-43821
2021-12-14 20:15:07
Files Accessible to External Parties in Opencast
2021-12-14 21:44:03
openvas
openvas
Opencast < 10.6 Unauthorized File Access Vulnerability
2022-05-26 00:00:00
github
github
Files Accessible to External Parties in Opencast
2021-12-14 21:44:03
githubexploit
githubexploit
cvelist
cvelist
CVE-2021-43821 Files Accessible to External Parties in Opencast
2021-12-14 19:15:12
nvd
nvd
CVE-2021-43821
2021-12-14 20:15:07
cve
cve
CVE-2021-43821
2021-12-14 20:15:07