Permissions, Privileges, and Access Controls in celery - CVE-2011-4356
Published: December 5, 2011 / Updated: August 11, 2020
celery
Detailed vulnerability description
The vulnerability allows a remote non-authenticated attacker to execute arbitrary code.
Celery 2.1 and 2.2 before 2.2.8, 2.3 before 2.3.4, and 2.4 before 2.4.4 changes the effective id but not the real id during processing of the --uid and --gid arguments to celerybeat, celeryd_detach, celeryd-multi, and celeryev, which allows local users to gain privileges via vectors involving crafted code that is executed by the worker process.
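The effective-versus-real id distinction described above, as an added example that is not Celery's own code: a permanent privilege drop plus a check that the real, effective and saved ids all match the target. The names Ids, leftover_privileges and drop_privileges and the uid/gid value 1000 are assumptions made for illustration, and the sample id states are constructed.

```python
import os
from typing import List, NamedTuple


class Ids(NamedTuple):
    """The three id slots the kernel tracks per process (see getresuid(2))."""
    real: int
    effective: int
    saved: int


def leftover_privileges(uids: Ids, gids: Ids, uid: int, gid: int) -> List[str]:
    """Return every id slot that still differs from the target identity."""
    problems = []
    for kind, ids, want in (("uid", uids, uid), ("gid", gids, gid)):
        for slot, value in zip(Ids._fields, ids):
            if value != want:
                problems.append(f"{slot} {kind} is {value}, expected {want}")
    return problems


def drop_privileges(uid: int, gid: int) -> None:
    """Permanently switch to uid/gid. Must be called while still root (Linux)."""
    os.setgroups([gid])  # clear supplementary groups first; needs root
    os.setgid(gid)       # as root: sets real, effective and saved gid
    os.setuid(uid)       # as root: sets real, effective and saved uid; must be last
    problems = leftover_privileges(
        Ids(*os.getresuid()), Ids(*os.getresgid()), uid, gid
    )
    if problems:
        # Refuse to continue rather than run a worker with a reversible drop.
        raise RuntimeError("privilege drop incomplete: " + "; ".join(problems))


# Constructed id states, not captured from a real worker.
# Changing only the effective id leaves real and saved ids at root,
# so the drop is reversible by any code running in the process.
EFFECTIVE_ONLY = Ids(real=0, effective=1000, saved=0)
# Changing all three slots leaves nothing to switch back to.
FULL_DROP = Ids(real=1000, effective=1000, saved=1000)

if __name__ == "__main__":
    for name, state in (("effective-only", EFFECTIVE_ONLY), ("full drop", FULL_DROP)):
        print(name, leftover_privileges(state, state, 1000, 1000) or "ok")
```

The same check can be run against a live worker by comparing the Uid and Gid lines of /proc/<pid>/status, which list the real, effective, saved and filesystem ids in that order.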