{
"Name": "Control-M log4j2 Remote command execution vulnerability (CVE-2021-44228)",
"Description": "<p>Control-M is a cross-platform batch job scheduling and management product. It uses a client/server model: Enterprise Manager and the server component are installed on the server, and an agent is installed on each controlled host. The agent submits the job flows defined in Control-M on its host and returns the results.</p><p>Control-M is affected by the log4j2 remote command execution vulnerability (CVE-2021-44228). An attacker can use this vulnerability to execute arbitrary commands on the server, write a backdoor, obtain server privileges, and then take control of the entire web server.</p>",
"Product": "Control-M",
"Homepage": "https://www.bmc.com/it-solutions/control-m.html",
"DisclosureDate": "2021-12-23",
"Author": "fmbd",
"FofaQuery": "app=\"BMC-Control-M-Root-CA\" || product=\"JAVA\"",
"GobyQuery": "app=\"BMC-Control-M-Root-CA\" || product=\"JAVA\"",
"Level": "3",
"Impact": "<p>Control-M is affected by the log4j2 remote command execution vulnerability. An attacker can use this vulnerability to execute arbitrary commands on the server, write a backdoor, obtain server privileges, and then take control of the entire web server.</p>",
"Recommendation": "<p>The vendor has released a fix; please upgrade to a patched version:<a href=\"https://github.com/apache/logging-log4j2/tags/\" target=\"_blank\">https://github.com/apache/logging-log4j2/tags/</a></p><p>1. Deploy a web application firewall to monitor database operations.</p><p>2. If not necessary, prohibit public network access to the system.</p> ",
"Translation": {
"CN": {
"Name": "Control-M log4j2 命令执行漏洞(CVE-2021-44228)",
"Product": "Control-M",
"VulType": [
"命令执行"
],
"Tags": [
"命令执行"
],
"Description": "<p>Control-M是一个跨平台的批量作业调度管理软件,采用C/S模式,在服务器上安装Enterprise Manager和服务器,在被控主机上安装agent, agent可以在主机上提交由Control-M定义好的作业流,并返回运行结果。</p><p>Control-M log4j2 存在命令执行漏洞,攻击者可通过该漏洞在服务器端任意执行命令,写入后门,获取服务器权限,进而控制整个web服务器。</p>",
"Impact": "<p>Control-M log4j2 存在命令执行漏洞,攻击者可通过该漏洞在服务器端任意执行命令,写入后门,获取服务器权限,进而控制整个web服务器。<br></p>",
"Recommendation": "<p>⼚商已发布了漏洞方案,请及时关注: <a href=\"https://github.com/apache/logging-log4j2/tags/\">https://github.com/apache/logging-log4j2/tags/</a></p><p></p><p>1、通过防⽕墙等安全设备设置访问策略,设置⽩名单访问。</p><p>2、如⾮必要,禁⽌公⽹访问该系统。</p>"
}
},
"References": [
"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44228",
"https://nvd.nist.gov/vuln/detail/CVE-2021-44228"
],
"Is0day": false,
"HasExp": false,
"ExpParams": [],
"ExpTips": {
"Type": "",
"Content": ""
},
"ScanSteps": [
"AND",
{
"Request": {
"method": "GET",
"uri": "/test.php",
"follow_redirect": true,
"header": {},
"data_type": "text",
"data": ""
},
"ResponseTest": {
"type": "group",
"operation": "AND",
"checks": [
{
"type": "item",
"variable": "$code",
"operation": "==",
"value": "200",
"bz": ""
},
{
"type": "item",
"variable": "$body",
"operation": "contains",
"value": "test",
"bz": ""
}
]
},
"SetVariable": []
}
],
"ExploitSteps": [
"AND",
{
"Request": {
"method": "GET",
"uri": "/test.php",
"follow_redirect": true,
"header": {},
"data_type": "text",
"data": ""
},
"ResponseTest": {
"type": "group",
"operation": "AND",
"checks": [
{
"type": "item",
"variable": "$code",
"operation": "==",
"value": "200",
"bz": ""
},
{
"type": "item",
"variable": "$body",
"operation": "contains",
"value": "test",
"bz": ""
}
]
},
"SetVariable": []
}
],
"Tags": [
"rce"
],
"VulType": [
"rce"
],
"CVEIDs": [
"CVE-2021-44228"
],
"CNNVD": [
"CNNVD-202112-799"
],
"CNVD": [
"CNVD-2021-95914"
],
"CVSSScore": "10.0",
"AttackSurfaces": {
"Application": null,
"Support": null,
"Service": null,
"System": null,
"Hardware": null
}
}