CVE-2021-37941 Information

Description

A local privilege escalation issue was found with the APM Java agent where a user on the system could attach a malicious file to an application running with the APM Java agent. Using this vector a malicious or compromised user account could use the agent to run commands at a higher level of permissions than they possess. This vulnerability affects users that have set up the agent via the attacher cli 3 the attach API 2 as well as users that have enabled the profiling_inferred_spans_enabled option

CVSS Vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Reference

https://discuss.elastic.co/t/apm-java-agent-security-update/289627

Attack Complexity

LOW

Privileges Required

LOW

User Interaction Required

LOW

Scope

NONE

Confidentiality Impact

UNCHANGED

Integrity Impact

HIGH

Availability Impact

HIGH

Base Score

HIGH

Base Severity

7.8