CVE-2021-33191

MiNiFi CPP arbitrary script execution is possible on the agent's host machine through the c2 protocol

EPSS 4.0%CWE-78

Vexday Risk Score

3Low

SSVC decision (CISA)

Track

No exploitation signal → monitor

CVSS —EPSS 4.0%KEV nãoPoC —Nuclei —Metasploit —Patch —

Lifecycle

24 Aug 2021Published on NVD

Recommendation: Monitor — no exploitation signal at the moment.

From Apache NiFi MiNiFi C++ version 0.5.0 the c2 protocol implements an "agent-update" command which was designed to patch the application binary. This "patching" command defaults to calling a trusted binary, but might be modified to an arbitrary value through a "c2-update" command. Said command is then executed using the same privileges as the application binary. This was addressed in version 0.10.0

Affected products

Apache Software Foundation · Apache NiFi - MiNiFi C++

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

https://lists.apache.org/thread.html/r6f27a2454f5f67dbe4e21c8eb1db537b01863a0bc3758f28aa60f032%40%3Cannounce.apache.org%3E https://www.openwall.com/lists/oss-security/2021/08/24/1 http://www.openwall.com/lists/oss-security/2021/08/24/1