CVE-2021-41619 - OpenCVE

An issue was discovered in Gradle Enterprise before 2021.1.2. There is potential remote code execution via the application startup configuration. The installation configuration user interface (available to administrators) allows specifying arbitrary Java Virtual Machine startup options. Some of these options, such as -XX:OnOutOfMemoryError, allow specifying a command to be run on the host. This can be abused to run arbitrary commands on the host, should an attacker gain administrative access to the application.

Attack Vector Network

Attack Complexity Low

Privileges Required High

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

No CVSS v3.0

Access Vector Network

Access Complexity Low

Authentication Single

Confidentiality Impact Complete

Integrity Impact Complete

Availability Impact Complete

AV:N/AC:L/Au:S/C:C/I:C/A:C

Vendors & Products
CPE Configurations

Vendors	Products
Gradle	Enterprise

Configuration 1 [-]

cpe:2.3:a:gradle:enterprise:*:*:*:*:*:*:*:*

References

Link	Resource
https://security.gradle.com	Vendor Advisory
https://security.gradle.com/advisory/2021-08	Vendor Advisory

History

No history.

MITRE Information

Status: PUBLISHED

Assigner: mitre

Published: 2021-10-27T13:24:37

Updated: 2021-10-27T13:24:37

Reserved: 2021-09-27T00:00:00

Link: CVE-2021-41619

JSON object: View

NVD Information

Status : Analyzed

Published: 2021-10-27T14:15:07.610

Modified: 2021-11-03T12:56:08.123

Link: CVE-2021-41619

JSON object: View

Redhat Information

No data.

CWE

CWE-94

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "descriptions": [{"lang": "en", "value": "An issue was discovered in Gradle Enterprise before 2021.1.2. There is potential remote code execution via the application startup configuration. The installation configuration user interface (available to administrators) allows specifying arbitrary Java Virtual Machine startup options. Some of these options, such as -XX:OnOutOfMemoryError, allow specifying a command to be run on the host. This can be abused to run arbitrary commands on the host, should an attacker gain administrative access to the application."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2021-10-27T13:24:37", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"tags": ["x_refsource_MISC"], "url": "https://security.gradle.com"}, {"tags": ["x_refsource_MISC"], "url": "https://security.gradle.com/advisory/2021-08"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2021-41619", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "An issue was discovered in Gradle Enterprise before 2021.1.2. There is potential remote code execution via the application startup configuration. The installation configuration user interface (available to administrators) allows specifying arbitrary Java Virtual Machine startup options. Some of these options, such as -XX:OnOutOfMemoryError, allow specifying a command to be run on the host. This can be abused to run arbitrary commands on the host, should an attacker gain administrative access to the application."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "https://security.gradle.com", "refsource": "MISC", "url": "https://security.gradle.com"}, {"name": "https://security.gradle.com/advisory/2021-08", "refsource": "MISC", "url": "https://security.gradle.com/advisory/2021-08"}]}}}}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2021-41619", "datePublished": "2021-10-27T13:24:37", "dateReserved": "2021-09-27T00:00:00", "dateUpdated": "2021-10-27T13:24:37", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.0"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:gradle:enterprise:*:*:*:*:*:*:*:*", "matchCriteriaId": "A6CD7747-C2DF-4181-8F50-FDE6B5FC3F6C", "versionEndExcluding": "2021.1.2", "versionStartIncluding": "2020.4", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "An issue was discovered in Gradle Enterprise before 2021.1.2. There is potential remote code execution via the application startup configuration. The installation configuration user interface (available to administrators) allows specifying arbitrary Java Virtual Machine startup options. Some of these options, such as -XX:OnOutOfMemoryError, allow specifying a command to be run on the host. This can be abused to run arbitrary commands on the host, should an attacker gain administrative access to the application."}, {"lang": "es", "value": "Se ha detectado un problema en Gradle Enterprise versiones anteriores a 2021.1.2. Se presenta una potencial ejecuci\u00f3n de c\u00f3digo remota por medio de la configuraci\u00f3n de inicio de la aplicaci\u00f3n. La interfaz de usuario de configuraci\u00f3n de la instalaci\u00f3n (disponible para los administradores) permite especificar opciones de inicio de la m\u00e1quina virtual Java arbitrarias. Algunas de estas opciones, como -XX:OnOutOfMemoryError, permiten especificar un comando a ejecutar en el host. Esto puede ser abusado para ejecutar comandos arbitrarios en el host, si un atacante consigue acceso administrativo a la aplicaci\u00f3n"}], "id": "CVE-2021-41619", "lastModified": "2021-11-03T12:56:08.123", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "SINGLE", "availabilityImpact": "COMPLETE", "baseScore": 9.0, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C", "version": "2.0"}, "exploitabilityScore": 8.0, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.2, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 1.2, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2021-10-27T14:15:07.610", "references": [{"source": "cve@mitre.org", "tags": ["Vendor Advisory"], "url": "https://security.gradle.com"}, {"source": "cve@mitre.org", "tags": ["Vendor Advisory"], "url": "https://security.gradle.com/advisory/2021-08"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-94"}], "source": "nvd@nist.gov", "type": "Primary"}]}