Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

nvd логотип

CVE-2021-31581

Опубликовано: 22 июл. 2021
Источник: nvd
CVSS3: 7.9
CVSS3: 4.4
CVSS2: 2.1
EPSS Средний

Описание

The restricted shell provided by Akkadian Provisioning Manager Engine (PME) can be escaped by abusing the 'Edit MySQL Configuration' command. This command launches a standard vi editor interface which can then be escaped. This issue was resolved in Akkadian OVA appliance version 3.0 (and later), Akkadian Provisioning Manager 5.0.2 (and later), and Akkadian Appliance Manager 3.3.0.314-4a349e0 (and later).

Ссылки

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:akkadianlabs:ova_appliance:*:*:*:*:*:*:*:*
Версия до 3.0 (исключая)
cpe:2.3:a:akkadianlabs:provisioning_manager:*:*:*:*:*:*:*:*
Версия от 3.0.0 (включая) до 3.3.0.314-4a349e0 (исключая)
cpe:2.3:a:akkadianlabs:provisioning_manager:*:*:*:*:*:*:*:*
Версия от 4.0.0 (включая) до 5.0.2 (исключая)

EPSS

Процентиль: 94%
0.15575
Средний

7.9 High

CVSS3

4.4 Medium

CVSS3

2.1 Low

CVSS2

Дефекты

CWE-269
CWE-312

Связанные уязвимости

github логотип

GHSA-rcqq-fm3c-9r79

github
больше 3 лет назад

The restricted shell provided by Akkadian Provisioning Manager Engine (PME) can be escaped by abusing the 'Edit MySQL Configuration' command. This command launches a standard vi editor interface which can then be escaped. This issue was resolved in Akkadian OVA appliance version 3.0 (and later), Akkadian Provisioning Manager 5.0.2 (and later), and Akkadian Appliance Manager 3.3.0.314-4a349e0 (and later).

EPSS

Процентиль: 94%
0.15575
Средний

7.9 High

CVSS3

4.4 Medium

CVSS3

2.1 Low

CVSS2

Дефекты

CWE-269
CWE-312