Gradle Enterprise before 2022.1 allows remote code execution if the installation process did not specify an initial configuration file. The configuration allows certain anonymous access to administration and an API.
References
Link | Resource |
---|---|
https://security.gradle.com/advisory/2022-05 | Mitigation Vendor Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: mitre
Published: 2022-03-25T19:55:17
Updated: 2022-03-25T19:55:17
Reserved: 2022-03-25T00:00:00
Link: CVE-2022-27919
JSON object: View
NVD Information
Status : Analyzed
Published: 2022-03-25T20:15:09.270
Modified: 2023-08-08T14:22:24.967
Link: CVE-2022-27919
JSON object: View
Redhat Information
No data.
CWE