← back
CVE-2021-44458

Lack of websocket authentication in Lens causes remote code execution when visiting a malicious website

CVSS 8.3 HIGHEPSS 0.4%CWE-287
Vexday Risk Score
21Low
SSVC decision (CISA)
Track
No exploitation signal → monitor
CVSS 8.3EPSS 0.4%KEV nãoPoC Nuclei Metasploit Patch
Lifecycle
10 Jan 2022Published on NVD
Recommendation: Monitor — no exploitation signal at the moment.
Linux users running Lens 5.2.6 and earlier could be compromised by visiting a malicious website. The malicious website could make websocket connections from the victim's browser to Lens and so operate the local terminal feature. This would allow the attacker to execute arbitrary commands as the Lens user.
CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H
Affected products
Mirantis · Lens

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://github.com/Mirantis/security/blob/main/advisories/0001.md