CVE-2021-22204 :: Enginsight Vulnerability Database

Provider	Type	Base Score	Atk. Vector	Atk. Complexity	Priv. Required	Vector
NIST	NIST	6.8 MEDIUM	LOCAL	LOW	NONE	CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:L
GitLab	CNA	6.8 MEDIUM	LOCAL	LOW	NONE	CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:L
CVE	ADP	---				---
CISA-ADP	ADP	---				---

Base Score

CVSS 3.x

EPSS Score

Percentile: 99%

Vendor	Product	Version
exiftool_project	exiftool	7.44 ≤ 𝑥 < 12.24
debian	debian_linux	9.0
debian	debian_linux	10.0

𝑥

= Vulnerable software versions

Debian Releases

Debian Product

Codename

libimage-exiftool-perl

bullseye	12.16+dfsg-2 fixed
bookworm	12.57+dfsg-1 fixed
sid	13.00+dfsg-1 fixed
trixie	13.00+dfsg-1 fixed

Ubuntu Releases

Ubuntu Product

Codename

libimage-exiftool-perl

jammy	not-affected
impish	not-affected
hirsute	Fixed 12.16+dfsg-1ubuntu0.1 released
groovy	Fixed 12.05-1ubuntu0.1 released
focal	Fixed 11.88-1ubuntu0.1 released
bionic	Fixed 10.80-1ubuntu0.1 released
xenial	Fixed 10.10-1ubuntu0.1~esm1 released
trusty	dne

Known Exploits!

Common Weakness Enumeration

CWE-94 - Improper Control of Generation of Code ('Code Injection')
The software constructs all or part of a code segment using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the syntax or behavior of the intended code segment.

References

http://packetstormsecurity.com/files/162558/ExifTool-DjVu-ANT-Perl-Injection.html

http://packetstormsecurity.com/files/164768/GitLab-Unauthenticated-Remote-ExifTool-Command-Injection.html

http://packetstormsecurity.com/files/164994/GitLab-13.10.2-Remote-Code-Execution.html

http://packetstormsecurity.com/files/167038/ExifTool-12.23-Arbitrary-Code-Execution.html

http://www.openwall.com/lists/oss-security/2021/05/09/1

http://www.openwall.com/lists/oss-security/2021/05/10/5

https://github.com/exiftool/exiftool/commit/cf0f4e7dcd024ca99615bfd1102a841a25dde031#diff-fa0d652d10dbcd246e6b1df16c1e992931d3bb717a7e36157596b76bdadb3800

https://gitlab.com/gitlab-org/cves/-/blob/master/2021/CVE-2021-22204.json

https://hackerone.com/reports/1154542

https://lists.debian.org/debian-lts-announce/2021/05/msg00018.html

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DDKDLJLBTBBR66OOPXSXCG2PQRM5KCZL/

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/F6UOBPU3LSHAPRRJNISNVXZ5DSUIALLV/

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/U4RF6PJCJ6NQOVJJJF6HN6BORUQVIXY6/

https://www.debian.org/security/2021/dsa-4910

http://packetstormsecurity.com/files/162558/ExifTool-DjVu-ANT-Perl-Injection.html

http://packetstormsecurity.com/files/164768/GitLab-Unauthenticated-Remote-ExifTool-Command-Injection.html

http://packetstormsecurity.com/files/164994/GitLab-13.10.2-Remote-Code-Execution.html

http://packetstormsecurity.com/files/167038/ExifTool-12.23-Arbitrary-Code-Execution.html

http://www.openwall.com/lists/oss-security/2021/05/09/1

http://www.openwall.com/lists/oss-security/2021/05/10/5

https://github.com/exiftool/exiftool/commit/cf0f4e7dcd024ca99615bfd1102a841a25dde031#diff-fa0d652d10dbcd246e6b1df16c1e992931d3bb717a7e36157596b76bdadb3800

https://gitlab.com/gitlab-org/cves/-/blob/master/2021/CVE-2021-22204.json

https://hackerone.com/reports/1154542

https://lists.debian.org/debian-lts-announce/2021/05/msg00018.html

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DDKDLJLBTBBR66OOPXSXCG2PQRM5KCZL/

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/F6UOBPU3LSHAPRRJNISNVXZ5DSUIALLV/

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/U4RF6PJCJ6NQOVJJJF6HN6BORUQVIXY6/

https://www.debian.org/security/2021/dsa-4910