CVE-2021-4326

Summary

A vulnerability in Imperative framework which allows already-privileged local actors to execute arbitrary shell commands via plugin install/update commands, or maliciously formed environment variables. Impacts Zowe CLI.

Affected Software

VendorProductVersion RangeStatus
Open Mainframe ProjectZowe1.16.0 < 1.28.2affected
Open Mainframe ProjectZowe2.0.0 < 2.5.0affected

Weaknesses

  • n/a

ADP Enrichment

CVE Program Container

Additional References

References