CVE-2021-39133 - OpenCVE

Rundeck is an open source automation service with a web console, command line tools and a WebAPI. Prior to version 3.3.14 and version 3.4.3, a user with `admin` access to the `system` resource type is potentially vulnerable to a CSRF attack that could cause the server to run untrusted code on all Rundeck editions. Patches are available in Rundeck versions 3.4.3 and 3.3.14.

Attack Vector Network

Attack Complexity Low

Privileges Required High

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction Required

No CVSS v3.0

Access Vector Network

Access Complexity Medium

Authentication Single

Confidentiality Impact Partial

Integrity Impact Partial

Availability Impact Partial

AV:N/AC:M/Au:S/C:P/I:P/A:P

Vendors & Products
CPE Configurations

Vendors	Products
Pagerduty	Rundeck

Configuration 1 [-]

OR	cpe:2.3:a:pagerduty:rundeck::::::::
	cpe:2.3:a:pagerduty:rundeck::::::::

References

Link	Resource
https://github.com/rundeck/rundeck/commit/67c4eedeaf9509fc0b255aff15977a5229ef13b9	Patch Third Party Advisory
https://github.com/rundeck/rundeck/security/advisories/GHSA-3jmw-c69h-426c	Third Party Advisory

History

No history.

MITRE Information

Status: PUBLISHED

Assigner: GitHub_M

Published: 2021-08-30T19:50:10

Updated: 2021-08-30T19:50:10

Reserved: 2021-08-16T00:00:00

Link: CVE-2021-39133

JSON object: View

NVD Information

Status : Analyzed

Published: 2021-08-30T20:15:07.730

Modified: 2021-09-08T15:21:52.573

Link: CVE-2021-39133

JSON object: View

Redhat Information

No data.

CWE

CWE-352

{"containers": {"cna": {"affected": [{"product": "rundeck", "vendor": "rundeck", "versions": [{"status": "affected", "version": "< 3.3.14"}, {"status": "affected", "version": ">= 3.4.0, < 3.4.3"}]}], "descriptions": [{"lang": "en", "value": "Rundeck is an open source automation service with a web console, command line tools and a WebAPI. Prior to version 3.3.14 and version 3.4.3, a user with `admin` access to the `system` resource type is potentially vulnerable to a CSRF attack that could cause the server to run untrusted code on all Rundeck editions. Patches are available in Rundeck versions 3.4.3 and 3.3.14."}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.2, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}}], "problemTypes": [{"descriptions": [{"cweId": "CWE-352", "description": "CWE-352: Cross-Site Request Forgery (CSRF)", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"dateUpdated": "2021-08-30T19:50:10", "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M"}, "references": [{"tags": ["x_refsource_CONFIRM"], "url": "https://github.com/rundeck/rundeck/security/advisories/GHSA-3jmw-c69h-426c"}, {"tags": ["x_refsource_MISC"], "url": "https://github.com/rundeck/rundeck/commit/67c4eedeaf9509fc0b255aff15977a5229ef13b9"}], "source": {"advisory": "GHSA-3jmw-c69h-426c", "discovery": "UNKNOWN"}, "title": "Cross-Site Request Forgery (CSRF) can run untrusted code on Rundeck server", "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "security-advisories@github.com", "ID": "CVE-2021-39133", "STATE": "PUBLIC", "TITLE": "Cross-Site Request Forgery (CSRF) can run untrusted code on Rundeck server"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "rundeck", "version": {"version_data": [{"version_value": "< 3.3.14"}, {"version_value": ">= 3.4.0, < 3.4.3"}]}}]}, "vendor_name": "rundeck"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Rundeck is an open source automation service with a web console, command line tools and a WebAPI. Prior to version 3.3.14 and version 3.4.3, a user with `admin` access to the `system` resource type is potentially vulnerable to a CSRF attack that could cause the server to run untrusted code on all Rundeck editions. Patches are available in Rundeck versions 3.4.3 and 3.3.14."}]}, "impact": {"cvss": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.2, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "CWE-352: Cross-Site Request Forgery (CSRF)"}]}]}, "references": {"reference_data": [{"name": "https://github.com/rundeck/rundeck/security/advisories/GHSA-3jmw-c69h-426c", "refsource": "CONFIRM", "url": "https://github.com/rundeck/rundeck/security/advisories/GHSA-3jmw-c69h-426c"}, {"name": "https://github.com/rundeck/rundeck/commit/67c4eedeaf9509fc0b255aff15977a5229ef13b9", "refsource": "MISC", "url": "https://github.com/rundeck/rundeck/commit/67c4eedeaf9509fc0b255aff15977a5229ef13b9"}]}, "source": {"advisory": "GHSA-3jmw-c69h-426c", "discovery": "UNKNOWN"}}}}, "cveMetadata": {"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "assignerShortName": "GitHub_M", "cveId": "CVE-2021-39133", "datePublished": "2021-08-30T19:50:10", "dateReserved": "2021-08-16T00:00:00", "dateUpdated": "2021-08-30T19:50:10", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.0"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:pagerduty:rundeck:*:*:*:*:*:*:*:*", "matchCriteriaId": "D748AEB1-DF73-46BF-89F4-90C4054DFDF3", "versionEndExcluding": "3.3.14", "vulnerable": true}, {"criteria": "cpe:2.3:a:pagerduty:rundeck:*:*:*:*:*:*:*:*", "matchCriteriaId": "37695317-3B98-418C-9418-59BBC3D8554B", "versionEndExcluding": "3.4.3", "versionStartIncluding": "3.4.0", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "Rundeck is an open source automation service with a web console, command line tools and a WebAPI. Prior to version 3.3.14 and version 3.4.3, a user with `admin` access to the `system` resource type is potentially vulnerable to a CSRF attack that could cause the server to run untrusted code on all Rundeck editions. Patches are available in Rundeck versions 3.4.3 and 3.3.14."}, {"lang": "es", "value": "Rundeck es un servicio de automatizaci\u00f3n de c\u00f3digo abierto con una consola web, herramientas de l\u00ednea de comandos y una WebAPI. Versiones anteriores a 3.3.14 y versi\u00f3n 3.4.3, un usuario con acceso \"admin\" al tipo de recurso \"system\" es potencialmente vulnerable a un ataque de tipo CSRF que podr\u00eda causar que el servidor ejecute c\u00f3digo no confiable en todas las ediciones de Rundeck. Los parches est\u00e1n disponibles en versiones 3.4.3 y 3.3.14 de Rundeck."}], "id": "CVE-2021-39133", "lastModified": "2021-09-08T15:21:52.573", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "SINGLE", "availabilityImpact": "PARTIAL", "baseScore": 6.0, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:S/C:P/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 6.8, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 6.8, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 0.9, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.2, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 1.2, "impactScore": 5.9, "source": "security-advisories@github.com", "type": "Secondary"}]}, "published": "2021-08-30T20:15:07.730", "references": [{"source": "security-advisories@github.com", "tags": ["Patch", "Third Party Advisory"], "url": "https://github.com/rundeck/rundeck/commit/67c4eedeaf9509fc0b255aff15977a5229ef13b9"}, {"source": "security-advisories@github.com", "tags": ["Third Party Advisory"], "url": "https://github.com/rundeck/rundeck/security/advisories/GHSA-3jmw-c69h-426c"}], "sourceIdentifier": "security-advisories@github.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-352"}], "source": "security-advisories@github.com", "type": "Primary"}]}