CVE-2021-4007
Summary
| CVE | CVE-2021-4007 |
|---|---|
| State | PUBLIC |
| Assigner | [email protected] |
| Source Priority | CVE Program / NVD first with legacy fallback |
| Published | 2021-12-14 15:15:00 UTC |
| Updated | 2021-12-21 14:52:00 UTC |
| Description | Rapid7 Insight Agent, versions 3.0.1 to 3.1.2.34, suffer from a local privilege escalation due to an uncontrolled DLL search path. Specifically, when Insight Agent versions 3.0.1 to 3.1.2.34 start, the Python interpreter attempts to load python3.dll at "C:\DLLs\python3.dll," which normally is writable by locally authenticated users. Because of this, a malicious local user could use Insight Agent's startup conditions to elevate to SYSTEM privileges. This issue was fixed in Rapid7 Insight Agent 3.1.2.35. This vulnerability is a regression of CVE-2019-5629. |
Risk And Classification
Problem Types: CWE-427
NVD Known Affected Configurations (CPE 2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Application | Rapid7 | Insight Agent | All | All | All | All |
References
| Reference | Source | Link | Tags |
|---|---|---|---|
| CVE - CVE-2019-5629 | MISC | cve.mitre.org | |
| Insight Agent Release Notes | CONFIRM | docs.rapid7.com | |
| CVE Program record | CVE.ORG | www.cve.org | canonical |
| NVD vulnerability detail | NVD | nvd.nist.gov | canonical, analysis |
Vendor Comments And Credit
Discovery Credit
LEGACY: Dawson Medin discovered and disclosed this issue to Rapid7
There are currently no legacy QID mappings associated with this CVE.