CVE-2021-23727 Information

Description

This affects the package celery before 5.2.2. It by default trusts the messages and metadata stored in backends (result stores). When reading task metadata from the backend the data is deserialized. Given that an attacker can gain access to or somehow manipulate the metadata within a celery backend they could trigger a stored command injection vulnerability and potentially gain further access to the system.

CVSS Vector

CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

Reference

https://github.com/celery/celery/blob/master/Changelog.rst%23522
https://snyk.io/vuln/SNYK-PYTHON-CELERY-2314953
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SYXRGHWHD2WWMHBWCVD5ULVINPKNY3P5/

Attack Complexity

HIGH

Privileges Required

LOW

User Interaction Required

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

Base Score

7.5

Base Severity

HIGH
