Web: https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-42559

Jan. 12, 2022, 8:15 p.m. |

National Vulnerability Database nist.gov

An issue was discovered in CALDERA 2.8.1. It contains multiple startup "requirements" that execute commands when starting the server. Because these commands can be changed via the REST API, an authenticated user can insert arbitrary commands that will execute when the server is restarted.

2021 cve

Staff Reverse Engineer

@ Dragos, Inc. | Remote - USA

Cybersecurity Engineer

@ Sigma Defense | San Diego, California, United States

Sr Staff Engineer/Principal Engineer(Security Researcher, Security Efficacy)

@ Netskope | Bengaluru, Karnataka, India

Information Security Manager - Zurich, CH

@ Scandit | Zurich

Senior Developer C/Go (Acronis Cyber Infrastructure)

@ Acronis | Belgrade, Stari Grad, Serbia

Intermediate Security Analyst

@ ATB Financial | Calgary, Alberta, Canada