Miggo Logo

CVE-2021-37941: APM Java Agent Local Privilege Escalation

7.8

CVSS Score
3.1

Basic Information

EPSS Score
0.07872%
Published
12/9/2021
Updated
4/22/2024
KEV Status
No
Technology
TechnologyPython

Technical Details

CVSS Vector
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Package NameEcosystemVulnerable VersionsFirst Patched Version
elastic-apmpip>= 1.10.0, < 1.27.01.27.0

Vulnerability Intelligence
Miggo AIMiggo AI

Miggo AIRoot Cause Analysis

The provided information describes a vulnerability in the APM Java agent related to insecure agent attachment mechanisms and the profiling_inferred_spans_enabled feature. However, the affected package listed (elastic-apm in pip) appears to reference a Python package, while the vulnerability explicitly pertains to the Java agent implementation. No commit diffs, patch details, or specific code references are provided to identify exact vulnerable functions in either the Python or Java codebase. While the vulnerability likely involves functions related to agent attachment (e.g., VirtualMachine.attach() interactions) or profiling file handling, the lack of concrete code context prevents high-confidence identification of specific functions.

Vulnerable functions

Only Mi**o us*rs **n s** t*is s**tion

WAF Protection Rules

WAF Rule

* lo**l privil*** *s**l*tion issu* w*s *oun* wit* t** *PM J*v* ***nt, w**r* * us*r on t** syst*m *oul* *tt*** * m*li*ious *il* to *n *ppli**tion runnin* wit* t** *PM J*v* ***nt. Usin* t*is v**tor, * m*li*ious or *ompromis** us*r ***ount *oul* us* t**

Reasoning

T** provi*** in*orm*tion **s*ri**s * vuln*r**ility in t** *PM J*v* ***nt r*l*t** to ins**ur* ***nt *tt***m*nt m****nisms *n* t** pro*ilin*_in**rr**_sp*ns_*n**l** ***tur*. *ow*v*r, t** *****t** p**k*** list** (*l*sti*-*pm in pip) *pp**rs to r***r*n**