CVE-2021-32647

Emissary is a P2P based data-driven workflow engine. Affected versions of Emissary are vulnerable to post-authentication Remote Code Execution (RCE). The CreatePlace REST endpoint accepts an sppClassName parameter which is used to load an arbitrary class. This class is later instantiated using a constructor with the following signature: <constructor>(String, String, String). An attacker may find a gadget (class) in the application classpath that could be used to achieve Remote Code Execution (RCE) or disrupt the application. Even though the chances of finding a gadget (class) that allows arbitrary code execution are low, an attacker can still find gadgets that could potentially crash the application or leak sensitive data. As a workaround, disable network access to Emissary from untrusted sources.

Category: CVE
Tags: #git #java #rce #auth

Impact

Emissary is vulnerable to post-authentication Remote Code Execution (RCE)

The CreatePlace REST endpoint accepts an sppClassName parameter which is used to load an arbitrary class. This class is later instantiated using a constructor with the following signature: <constructor>(String, String, String). An attacker may find a gadget (class) in the application classpath that could be used to achieve Remote Code Execution (RCE) or disrupt the application.

Even though the chances of finding a gadget (class) that allows arbitrary code execution are low, an attacker can still find gadgets that could potentially crash the application or leak sensitive data.
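The following is an added illustration, not Emissary's own code, of the pattern the advisory describes and of how a defender would close it: a class name arriving in an HTTP parameter is passed to Class.forName and instantiated through a (String, String, String) constructor, so any class on the classpath with such a constructor can be loaded. The hardened factory accepts only names on an explicit allow-list, loads the class without running its static initializer until it is approved, and requires it to implement an expected base type before calling the constructor. The names PlaceFactory, ServicePlace, EchoPlace and NotAPlace, and the allow-list contents, are assumptions made for this example.

```java
import java.lang.reflect.Constructor;
import java.util.Set;

// Added example modelling the advisory's pattern; not code from the Emissary project.
public class PlaceFactory {

    /** Base type every legitimate place is expected to implement (assumed name). */
    public interface ServicePlace {
        String name();
    }

    /** A legitimate place with the (String, String, String) constructor shape. */
    public static final class EchoPlace implements ServicePlace {
        private final String name;
        public EchoPlace(String location, String config, String name) { this.name = name; }
        @Override public String name() { return name; }
    }

    /** Present on the classpath with the same constructor shape, but not a place. */
    public static final class NotAPlace {
        public NotAPlace(String a, String b, String c) { }
    }

    // Vulnerable pattern: the class named by the request parameter is loaded
    // (running its static initializer) and its three-String constructor is run
    // with caller-controlled arguments, whatever the class actually is.
    public static Object createUnchecked(String sppClassName, String loc, String cfg, String name)
            throws Exception {
        Class<?> clazz = Class.forName(sppClassName);
        Constructor<?> ctor = clazz.getConstructor(String.class, String.class, String.class);
        return ctor.newInstance(loc, cfg, name);
    }

    // Allow-list of fully qualified class names the endpoint may instantiate (assumed).
    private static final Set<String> ALLOWED_PLACES = Set.of(EchoPlace.class.getName());

    // Hardened version: allow-list first, then load without initialization,
    // then a type check, and only then resolve and invoke the constructor.
    public static ServicePlace createChecked(String sppClassName, String loc, String cfg, String name)
            throws Exception {
        if (sppClassName == null || !ALLOWED_PLACES.contains(sppClassName)) {
            throw new IllegalArgumentException("class not permitted: " + sppClassName);
        }
        // initialize=false keeps static initializers from running before the checks pass.
        Class<?> clazz = Class.forName(sppClassName, false, PlaceFactory.class.getClassLoader());
        if (!ServicePlace.class.isAssignableFrom(clazz)) {
            throw new IllegalArgumentException("not a ServicePlace: " + sppClassName);
        }
        Class<? extends ServicePlace> placeClass = clazz.asSubclass(ServicePlace.class);
        Constructor<? extends ServicePlace> ctor =
                placeClass.getConstructor(String.class, String.class, String.class);
        return ctor.newInstance(loc, cfg, name);
    }

    public static void main(String[] args) throws Exception {
        ServicePlace ok = createChecked(EchoPlace.class.getName(), "loc", "cfg", "echo");
        System.out.println("created place: " + ok.name());

        // Same request against the hardened factory with a non-place class: rejected
        // by the allow-list before the class is ever loaded.
        try {
            createChecked(NotAPlace.class.getName(), "loc", "cfg", "x");
        } catch (IllegalArgumentException e) {
            System.out.println("rejected: " + e.getMessage());
        }

        // The unchecked path happily instantiates the unrelated class.
        Object anything = createUnchecked(NotAPlace.class.getName(), "loc", "cfg", "x");
        System.out.println("unchecked path produced: " + anything.getClass().getSimpleName());
    }
}
```

The order of the checks matters: the allow-list runs before Class.forName so that an unknown name never causes a class to be loaded at all, and the `initialize=false` form is used so that even an allowed name does not execute static initializers until the assignability check has passed. Keeping the allow-list as data (configuration) rather than a hard-coded set is a reasonable refinement, as long as the configuration itself is not writable through the same authenticated REST surface.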

Patches

This problem has been addressed in Emissary 7.0.0 - the patch is present in #155

Workarounds

Disable network access to Emissary from untrusted sources.
