What's the issue?
It was discovered that the SteelCentral AppInternals Dynamic Sampling Agent (DSA) uses the ".debug_command.config" file to store a json string that contains a list of IDs and pre-configured commands. The config file is subsequently used by the "/api/appInternals/1.0/agent/configuration" API to map the corresponding ID to a command to be executed.
CVE-2021-42855
Severity: High
Versions Affected: <11.8.8, 12.x<12.13, 10.x
Local privilege escalation due to misconfigured write permission on .debug_command.config file (CVE-2021-42855)
Description
Solution
Mitigation
The vulnerability has been fixed in AppInternals Agent GA versions 11.8.8 and 12.14.0 and later. They are available for download in the Aternity Support portal.
Credit
Discovered by GovTech Security Team (Darrel Huang, Bjorn Lim, Leng Kang Hao).
The vulnerability has been fixed in AppInternals Agent GA versions 11.8.8 and 12.14.0 and later. They are available for download in the Aternity Support portal.
Credit
Discovered by GovTech Security Team (Darrel Huang, Bjorn Lim, Leng Kang Hao).
Environment
SteelCentral AppInternals Dynamic Sampling Agent
Related Bugs
Attachments
Related Files
NOTICE: Riverbed® product names have changed. Please refer to the Product List for a complete list of product names.
Can't find an answer? Create a case