GSD-2021-40865
Vulnerability from gsd - Updated: 2023-12-13 01:23Details
An Unsafe Deserialization vulnerability exists in the worker services of the Apache Storm supervisor server allowing pre-auth Remote Code Execution (RCE). Apache Storm 2.2.x users should upgrade to version 2.2.1 or 2.3.0. Apache Storm 2.1.x users should upgrade to version 2.1.1. Apache Storm 1.x users should upgrade to version 1.2.4
Aliases
Aliases
{
"GSD": {
"alias": "CVE-2021-40865",
"description": "An Unsafe Deserialization vulnerability exists in the worker services of the Apache Storm supervisor server allowing pre-auth Remote Code Execution (RCE). Apache Storm 2.2.x users should upgrade to version 2.2.1 or 2.3.0. Apache Storm 2.1.x users should upgrade to version 2.1.1. Apache Storm 1.x users should upgrade to version 1.2.4",
"id": "GSD-2021-40865"
},
"gsd": {
"metadata": {
"exploitCode": "unknown",
"remediation": "unknown",
"reportConfidence": "confirmed",
"type": "vulnerability"
},
"osvSchema": {
"aliases": [
"CVE-2021-40865"
],
"details": "An Unsafe Deserialization vulnerability exists in the worker services of the Apache Storm supervisor server allowing pre-auth Remote Code Execution (RCE). Apache Storm 2.2.x users should upgrade to version 2.2.1 or 2.3.0. Apache Storm 2.1.x users should upgrade to version 2.1.1. Apache Storm 1.x users should upgrade to version 1.2.4",
"id": "GSD-2021-40865",
"modified": "2023-12-13T01:23:25.155938Z",
"schema_version": "1.4.0"
}
},
"namespaces": {
"cve.org": {
"CVE_data_meta": {
"ASSIGNER": "security@apache.org",
"ID": "CVE-2021-40865",
"STATE": "PUBLIC",
"TITLE": "Unsafe Pre-Authentication Deserialization In Workers"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Apache Storm",
"version": {
"version_data": [
{
"version_affected": "\u003e=",
"version_name": "Apache Storm ",
"version_value": "v1.0.0"
},
{
"version_affected": "\u003c",
"version_name": "Apache Storm",
"version_value": "v1.2.4"
},
{
"version_affected": "\u003c",
"version_name": "Apache Storm",
"version_value": "v2.1.1"
},
{
"version_affected": "\u003c",
"version_name": "Apache Storm",
"version_value": "v2.2.1"
},
{
"version_affected": "\u003c",
"version_name": "Apache Storm",
"version_value": "v2.3.0"
}
]
}
}
]
},
"vendor_name": "Apache Software Foundation"
}
]
}
},
"credit": [
{
"lang": "eng",
"value": "Apache Storm would like to thank @pwntester Alvaro Mu\u00f1oz of the GitHub Security Lab team for reporting this issue."
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An Unsafe Deserialization vulnerability exists in the worker services of the Apache Storm supervisor server allowing pre-auth Remote Code Execution (RCE). Apache Storm 2.2.x users should upgrade to version 2.2.1 or 2.3.0. Apache Storm 2.1.x users should upgrade to version 2.1.1. Apache Storm 1.x users should upgrade to version 1.2.4"
}
]
},
"generator": {
"engine": "Vulnogram 0.0.9"
},
"impact": [
{
"other": "high"
}
],
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-502 Deserialization of Untrusted Data"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://lists.apache.org/thread.html/r8d45e74299897b6734dd0f788c46a631009ce2eeb731523386f7a253%40%3Cuser.storm.apache.org%3E",
"refsource": "MISC",
"url": "https://lists.apache.org/thread.html/r8d45e74299897b6734dd0f788c46a631009ce2eeb731523386f7a253%40%3Cuser.storm.apache.org%3E"
},
{
"name": "https://seclists.org/oss-sec/2021/q4/45",
"refsource": "MISC",
"url": "https://seclists.org/oss-sec/2021/q4/45"
}
]
},
"source": {
"discovery": "UNKNOWN"
},
"work_around": [
{
"lang": "eng",
"value": "Apache Storm 2.2.x users should upgrade to version 2.2.1 or 2.3.0\nApache Storm 2.1.x users should upgrade to version 2.1.1\nApache Storm 1.x users should upgrade to version 1.2.4"
}
]
},
"gitlab.com": {
"advisories": [
{
"affected_range": "[1.0.0,1.2.4),[2.1.0,2.1.1),[2.2.0,2.2.1)",
"affected_versions": "All versions starting from 1.0.0 before 1.2.4, all versions starting from 2.1.0 before 2.1.1, all versions starting from 2.2.0 before 2.2.1",
"cvss_v2": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"cvss_v3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"cwe_ids": [
"CWE-1035",
"CWE-502",
"CWE-937"
],
"date": "2021-10-28",
"description": "An Unsafe Deserialization vulnerability exists in the worker services of the Apache Storm supervisor server allowing pre-auth Remote Code Execution (RCE).",
"fixed_versions": [
"2.0.0",
"2.1.1",
"2.2.1"
],
"identifier": "CVE-2021-40865",
"identifiers": [
"CVE-2021-40865"
],
"not_impacted": "All versions before 1.0.0, all versions starting from 1.2.4 before 2.1.0, all versions starting from 2.1.1 before 2.2.0, all versions starting from 2.2.1",
"package_slug": "maven/org.apache.storm/storm-server",
"pubdate": "2021-10-25",
"solution": "Upgrade to versions 2.0.0, 2.1.1, 2.2.1 or above.",
"title": "Deserialization of Untrusted Data",
"urls": [
"https://nvd.nist.gov/vuln/detail/CVE-2021-40865",
"https://seclists.org/oss-sec/2021/q4/45"
],
"uuid": "d63847de-68c4-4bb8-b4e2-cb943387cf73"
},
{
"affected_range": "[2.2.0,2.2.1),[1.0.0,1.2.4),[2.1.0,2.1.1)",
"affected_versions": "All versions starting from 2.2.0 before 2.2.1, all versions starting from 1.0.0 before 1.2.4, all versions starting from 2.1.0 before 2.1.1",
"cvss_v2": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"cvss_v3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"cwe_ids": [
"CWE-1035",
"CWE-502",
"CWE-78",
"CWE-937"
],
"date": "2021-10-29",
"description": "An Unsafe Deserialization vulnerability exists in the worker services of the Apache Storm supervisor server allowing pre-auth Remote Code Execution (RCE). Apache Storm 2.2.x users should upgrade to version 2.2.1 or 2.3.0. Apache Storm 2.1.x users should upgrade to version 2.1.1. Apache Storm 1.x users should upgrade to version 1.2.4",
"fixed_versions": [
"2.2.1",
"2.2.1",
"1.2.4"
],
"identifier": "CVE-2021-40865",
"identifiers": [
"GHSA-w729-7633-2fw5",
"CVE-2021-40865"
],
"not_impacted": "All versions before 2.2.0, all versions starting from 2.2.1, all versions before 1.0.0, all versions starting from 1.2.4 before 2.1.0, all versions starting from 2.1.1",
"package_slug": "maven/org.apache.storm/storm",
"pubdate": "2021-10-27",
"solution": "Upgrade to versions 2.2.1, 2.2.1, 1.2.4 or above.",
"title": "Deserialization of Untrusted Data",
"urls": [
"https://nvd.nist.gov/vuln/detail/CVE-2021-40865",
"https://lists.apache.org/thread.html/r8d45e74299897b6734dd0f788c46a631009ce2eeb731523386f7a253%40%3Cuser.storm.apache.org%3E",
"https://seclists.org/oss-sec/2021/q4/45",
"https://github.com/advisories/GHSA-w729-7633-2fw5"
],
"uuid": "a30b441b-a82e-42a3-bcf4-db840ef7a350"
}
]
},
"nvd.nist.gov": {
"configurations": {
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:apache:storm:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "1.2.4",
"versionStartIncluding": "1.0.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:storm:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "2.1.1",
"versionStartIncluding": "2.1.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:storm:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "2.2.1",
"versionStartIncluding": "2.2.0",
"vulnerable": true
}
],
"operator": "OR"
}
]
},
"cve": {
"CVE_data_meta": {
"ASSIGNER": "security@apache.org",
"ID": "CVE-2021-40865"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "en",
"value": "An Unsafe Deserialization vulnerability exists in the worker services of the Apache Storm supervisor server allowing pre-auth Remote Code Execution (RCE). Apache Storm 2.2.x users should upgrade to version 2.2.1 or 2.3.0. Apache Storm 2.1.x users should upgrade to version 2.1.1. Apache Storm 1.x users should upgrade to version 1.2.4"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "en",
"value": "CWE-502"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://seclists.org/oss-sec/2021/q4/45",
"refsource": "MISC",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://seclists.org/oss-sec/2021/q4/45"
},
{
"name": "https://lists.apache.org/thread.html/r8d45e74299897b6734dd0f788c46a631009ce2eeb731523386f7a253%40%3Cuser.storm.apache.org%3E",
"refsource": "MISC",
"tags": [
"Mailing List",
"Vendor Advisory"
],
"url": "https://lists.apache.org/thread.html/r8d45e74299897b6734dd0f788c46a631009ce2eeb731523386f7a253%40%3Cuser.storm.apache.org%3E"
}
]
}
},
"impact": {
"baseMetricV2": {
"acInsufInfo": false,
"cvssV2": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"userInteractionRequired": false
},
"baseMetricV3": {
"cvssV3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
},
"lastModifiedDate": "2021-10-28T17:54Z",
"publishedDate": "2021-10-25T13:15Z"
}
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…