Command Injection Vulnerability in CALDERA by MITRE
CVE-2021-42559

8.8HIGH

Key Information:

Vendor: Mitre
Status: Caldera
Vendor: CVE Published:; 12 January 2022

Badges

👾 Exploit Exists

What is CVE-2021-42559?

A vulnerability exists in CALDERA 2.8.1 where multiple startup 'requirements' can execute commands upon server initialization. Because these commands are modifiable through the REST API, an authenticated user can manipulate this feature to execute arbitrary commands by altering the necessary configurations, leading to potential unauthorized access or system manipulation.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

https://github.com/mitre/caldera/releases

x_refsource_MISC

https://github.com/DrunkenShells/Disclosures/tree/master/...

x_refsource_MISC

CVSS V3.1

Score:

8.8

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Timeline

🟡
Public PoC available
Jun 10, 2024
👾
Exploit known to exist
Jun 10, 2024
Vulnerability published
Jan 12, 2022
Vulnerability Reserved
Oct 18, 2021

JSON

Mitre

Badges

What is CVE-2021-42559?

Human OS v1.0: Ageing Is an Unpatched Zero-Day Vulnerability.

References

CVSS V3.1

Timeline

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.