github - ghsa-j79q-frp5-24gc

GHSA-J79Q-FRP5-24GC

Vulnerability from github – Published: 2022-01-11 00:00 – Updated: 2022-01-19 00:01

Details

In Lens prior to 5.3.4, custom helm chart configuration creates helm commands from string concatenation of provided arguments which are then executed in the user's shell. Arguments can be provided which cause arbitrary shell commands to run on the system.

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2021-23154"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-78"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2022-01-10T16:15:00Z",
    "severity": "HIGH"
  },
  "details": "In Lens prior to 5.3.4, custom helm chart configuration creates helm commands from string concatenation of provided arguments which are then executed in the user\u0027s shell. Arguments can be provided which cause arbitrary shell commands to run on the system.",
  "id": "GHSA-j79q-frp5-24gc",
  "modified": "2022-01-19T00:01:54Z",
  "published": "2022-01-11T00:00:42Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-23154"
    },
    {
      "type": "WEB",
      "url": "https://github.com/Mirantis/security/blob/main/advisories/0003.md"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

CVE-2021-23154 (GCVE-0-2021-23154)

Vulnerability from cvelistv5 – Published: 2022-01-10 15:05 – Updated: 2024-08-03 18:58

Summary

Severity ?

6.3 (Medium)


                        
                          CVSS:3.1/AV:L/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:H

CWE

CWE-94 - Improper Control of Generation of Code ('Code Injection')

Assigner

Mirantis

References

URL

Tags

https://github.com/Mirantis/security/blob/main/ad…

x_refsource_MISC

Impacted products

	Vendor	Product	Version
	Mirantis	Lens	Affected: 5.3 , ≤ 5.3.3 (custom)

Credits

Eren Karahasan (locomoco.dev@gmail.com)

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T18:58:26.305Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/Mirantis/security/blob/main/advisories/0003.md"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Lens",
          "vendor": "Mirantis",
          "versions": [
            {
              "lessThanOrEqual": "5.3.3",
              "status": "affected",
              "version": "5.3",
              "versionType": "custom"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "value": "Eren Karahasan (locomoco.dev@gmail.com)"
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In Lens prior to 5.3.4, custom helm chart configuration creates helm commands from string concatenation of provided arguments which are then executed in the user\u0027s shell. Arguments can be provided which cause arbitrary shell commands to run on the system."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "HIGH",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 6.3,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "HIGH",
            "scope": "UNCHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-94",
              "description": "CWE-94 Improper Control of Generation of Code (\u0027Code Injection\u0027)",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2022-01-10T15:05:45",
        "orgId": "ac17a704-eccd-4263-a802-5cee95c1d547",
        "shortName": "Mirantis"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/Mirantis/security/blob/main/advisories/0003.md"
        }
      ],
      "source": {
        "advisory": "0003",
        "discovery": "UNKNOWN"
      },
      "title": "Command injection in Lens causes arbitrary shell command execution when malicious custom helm chart configuration provided",
      "x_generator": {
        "engine": "Vulnogram 0.0.9"
      },
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@mirantis.com",
          "ID": "CVE-2021-23154",
          "STATE": "PUBLIC",
          "TITLE": "Command injection in Lens causes arbitrary shell command execution when malicious custom helm chart configuration provided"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Lens",
                      "version": {
                        "version_data": [
                          {
                            "version_affected": "\u003c=",
                            "version_name": "5.3",
                            "version_value": "5.3.3"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Mirantis"
              }
            ]
          }
        },
        "credit": [
          {
            "lang": "eng",
            "value": "Eren Karahasan (locomoco.dev@gmail.com)"
          }
        ],
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "In Lens prior to 5.3.4, custom helm chart configuration creates helm commands from string concatenation of provided arguments which are then executed in the user\u0027s shell. Arguments can be provided which cause arbitrary shell commands to run on the system."
            }
          ]
        },
        "generator": {
          "engine": "Vulnogram 0.0.9"
        },
        "impact": {
          "cvss": {
            "attackComplexity": "HIGH",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 6.3,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "HIGH",
            "scope": "UNCHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-94 Improper Control of Generation of Code (\u0027Code Injection\u0027)"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://github.com/Mirantis/security/blob/main/advisories/0003.md",
              "refsource": "MISC",
              "url": "https://github.com/Mirantis/security/blob/main/advisories/0003.md"
            }
          ]
        },
        "source": {
          "advisory": "0003",
          "discovery": "UNKNOWN"
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "ac17a704-eccd-4263-a802-5cee95c1d547",
    "assignerShortName": "Mirantis",
    "cveId": "CVE-2021-23154",
    "datePublished": "2022-01-10T15:05:45",
    "dateReserved": "2022-01-10T00:00:00",
    "dateUpdated": "2024-08-03T18:58:26.305Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

GHSA-J79Q-FRP5-24GC

CVE-2021-23154 (GCVE-0-2021-23154)

Tags

Sightings

Nomenclature