Akkadian Provisioning Manager - Information Disclosure
ID: CVE-2021-31581
Severity: medium
Author: geeknik
Tags: cve,cve2021,akkadian,mariadb,disclosure,akkadianlabs
Description
Section titled “Description”Akkadian Provisioning Manager is susceptible to information disclosure. The restricted shell provided can be escaped by abusing the Edit MySQL Configuration command. This command launches a standard VI editor interface which can then be escaped.
YAML Source
Section titled “YAML Source”id: CVE-2021-31581
info: name: Akkadian Provisioning Manager - Information Disclosure author: geeknik severity: medium description: Akkadian Provisioning Manager is susceptible to information disclosure. The restricted shell provided can be escaped by abusing the Edit MySQL Configuration command. This command launches a standard VI editor interface which can then be escaped. impact: | An attacker can exploit this vulnerability to access sensitive information, such as user credentials or system configuration details. remediation: This issue was resolved in Akkadian OVA appliance version 3.0 and later, Akkadian Provisioning Manager 5.0.2 and later, and Akkadian Appliance Manager 3.3.0.314-4a349e0 and later. reference: - https://threatpost.com/unpatched-bugs-provisioning-cisco-uc/166882/ - https://www.rapid7.com/blog/post/2021/06/08/akkadian-provisioning-manager-multiple-vulnerabilities-disclosure/ - https://nvd.nist.gov/vuln/detail/CVE-2021-31581 - https://github.com/ARPSyndicate/kenzer-templates - https://github.com/ARPSyndicate/cvemon classification: cvss-metrics: CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N cvss-score: 4.4 cve-id: CVE-2021-31581 cwe-id: CWE-269,CWE-312 epss-score: 0.00213 epss-percentile: 0.59248 cpe: cpe:2.3:a:akkadianlabs:ova_appliance:*:*:*:*:*:*:*:* metadata: max-request: 1 vendor: akkadianlabs product: ova_appliance tags: cve,cve2021,akkadian,mariadb,disclosure,akkadianlabs
http: - method: GET path: - "{{BaseURL}}/pme/database/pme/phinx.yml"
matchers-condition: and matchers: - type: word words: - "host:" - "name:" - "pass:" condition: and
- type: word negative: true words: - "html>"
- type: status status: - 200# digest: 4a0a00473045022052bdfc93ac29fbddaa9fd5529ce26568dd02d465b3ea61d9d903346849f7715e02210098f818c849c673bec2b124e3ae18562ef0ee5e19100bcdce032a6ca4e3ea1410:922c64590222798bb761d5b6d8e72950Guide to check the vulnerabilities
Section titled “Guide to check the vulnerabilities”This template is used to detect vulnerabilities in web applications. It can be used with the Nuclei tool to scan for specific patterns or behaviors.
$ nuclei -u "URL" -t "http/cves/2021/CVE-2021-31581.yaml"