René Helmke 7791f18b51 bootstrap
2023-05-16 16:09:41 +02:00


{
"id": "CVE-2021-31580",
"sourceIdentifier": "cve@rapid7.con",
"published": "2021-07-22T19:15:08.883",
"lastModified": "2021-08-09T18:11:27.493",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "The restricted shell provided by Akkadian Provisioning Manager Engine (PME) can be bypassed by switching the OpenSSH channel from `shell` to `exec` and providing the ssh client a single execution parameter. This issue was resolved in Akkadian OVA appliance version 3.0 (and later), Akkadian Provisioning Manager 5.0.2 (and later), and Akkadian Appliance Manager 3.3.0.314-4a349e0 (and later)."
},
{
"lang": "es",
"value": "El shell restringido proporcionado por Akkadian Provisioning Manager Engine (PME) puede ser omitido cambiando el canal OpenSSH de \"shell\" a \"exec\" y proporcionando al cliente ssh un \u00fanico par\u00e1metro de ejecuci\u00f3n. Este problema fue resuelto en Akkadian OVA appliance versiones 3.0 (y posteriores), Akkadian Provisioning Manager versiones 5.0.2 (y posteriores), y Akkadian Appliance Manager versiones 3.3.0.314-4a349e0 (y posteriores)."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
},
{
"source": "cve@rapid7.con",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "NONE",
"baseScore": 8.7,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.3,
"impactScore": 5.8
}
],
"cvssMetricV2": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "2.0",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"accessVector": "NETWORK",
"accessComplexity": "LOW",
"authentication": "NONE",
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0
},
"baseSeverity": "HIGH",
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"acInsufInfo": false,
"obtainAllPrivilege": false,
"obtainUserPrivilege": false,
"obtainOtherPrivilege": false,
"userInteractionRequired": false
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-78"
}
]
},
{
"source": "cve@rapid7.con",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-78"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:akkadianlabs:ova_appliance:*:*:*:*:*:*:*:*",
"versionEndExcluding": "3.0",
"matchCriteriaId": "4827961D-5C4A-4C9E-BD22-65CA440071A6"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:akkadianlabs:provisioning_manager:*:*:*:*:*:*:*:*",
"versionStartIncluding": "3.0.0",
"versionEndExcluding": "3.3.0.314-4a349e0",
"matchCriteriaId": "339F2068-073C-416D-B5E5-F1A468FE8904"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:akkadianlabs:provisioning_manager:*:*:*:*:*:*:*:*",
"versionStartIncluding": "4.0.0",
"versionEndExcluding": "5.0.2",
"matchCriteriaId": "D08EC19B-0A36-4D9A-9894-FB41F8414CB6"
}
]
}
]
}
],
"references": [
{
"url": "https://www.rapid7.com/blog/post/2021/06/08/akkadian-provisioning-manager-multiple-vulnerabilities-disclosure/",
"source": "cve@rapid7.con",
"tags": [
"Exploit",
"Third Party Advisory"
]
}
]
}