CVE-2021-38294
N/A
N/A
Summary
A Command Injection vulnerability exists in the getTopologyHistory service of the Apache Storm 2.x prior to 2.2.1 and Apache Storm 1.x prior to 1.2.4. A specially crafted thrift request to the Nimbus server allows Remote Code Execution (RCE) prior to authentication.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Apache Software Foundation | Apache Storm | v1.0.0 < Apache Storm* | affected |
| Apache Software Foundation | Apache Storm | Apache Storm < v1.2.4 | affected |
Weaknesses
- CWE-74: CWE-74 Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')
Workarounds
Apache Storm 2.2.x users should upgrade to version 2.2.1 or 2.3.0 Apache Storm 2.1.x users should upgrade to version 2.1.1 Apache Storm 1.x users should upgrade to version 1.2.4
ADP Enrichment
CVE Program Container
Additional References
- https://lists.apache.org/thread.html/r5fe881f6ca883908b7a0f005d35115af49f43beea7a8b0915e377859%40%3Cuser.storm.apache.org%3E
- https://seclists.org/oss-sec/2021/q4/44
- http://packetstormsecurity.com/files/165019/Apache-Storm-Nimbus-2.2.0-Command-Execution.html
References
- https://lists.apache.org/thread.html/r5fe881f6ca883908b7a0f005d35115af49f43beea7a8b0915e377859%40%3Cuser.storm.apache.org%3E
- https://seclists.org/oss-sec/2021/q4/44
- http://packetstormsecurity.com/files/165019/Apache-Storm-Nimbus-2.2.0-Command-Execution.html
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.