APM Java Agent LPE via malicious plugin
CVE-2021-37942 Published on November 22, 2023
APM Java Agent Local Privilege Escalation
A local privilege escalation issue was found with the APM Java agent, where a user on the system could attach a malicious plugin to an application running the APM Java agent. By using this vulnerability, an attacker could execute code at a potentially higher level of permissions than their user typically has access to.
Vulnerability Analysis
CVE-2021-37942 is exploitable with local system access, and requires small amount of user privileges. This vulnerability is consided to have a high level of attack complexity. The potential impact of an exploit of this vulnerability is considered to be very high.
Weakness Type
Improper Privilege Management
The software does not properly assign, modify, track, or check privileges for an actor, creating an unintended sphere of control for that actor.
Products Associated with CVE-2021-37942
Want to know whenever a new CVE is published for Elastic Apm Java Agent? stack.watch will email you.
Affected Versions
Elastic APM Java Agent:- Version 1.18.0 and below 1.27.0 is affected.
Exploit Probability
EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.