CVE-2011-4356 — Improper Privilege Management in Celery

CWE-264 CWE-269 — Improper Privilege Management6 documents5 sources

Severity

6.9MEDIUMNVD

EPSS

0.0%

top 85.60%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Celeryproject Celery Debian Celery

Timeline

PublishedDec 5

Latest updateMay 17

Description

Celery 2.1 and 2.2 before 2.2.8, 2.3 before 2.3.4, and 2.4 before 2.4.4 changes the effective id but not the real id during processing of the --uid and --gid arguments to celerybeat, celeryd_detach, celeryd-multi, and celeryev, which allows local users to gain privileges via vectors involving crafted code that is executed by the worker process.

CVSS vector

AV:L/AC:M/C:C/I:C/A:CExploitability: 3.4 | Impact: 10.0

Affected Packages4 packages

▶debiandebian/celery< celery 2.4.6-1 (bookworm)

▶PyPIceleryproject/celery2.1.0 — 2.2.8+2

▶Debianceleryproject/celery< 2.4.6-1+3

▶NVDceleryproject/celery17 versions+16

Patches

Patch: github.com ↗Patch: github.com ↗

🔴Vulnerability Details

GHSA

Celery local privilege escalation vulnerability↗2022-05-17

▶

OSV

Celery local privilege escalation vulnerability↗2022-05-17

▶

OSV

CVE-2011-4356: Celery 2↗2011-12-05

▶

📋Vendor Advisories

Debian

CVE-2011-4356: celery - Celery 2.1 and 2.2 before 2.2.8, 2.3 before 2.3.4, and 2.4 before 2.4.4 changes ...↗2011

▶

💬Community

Bugzilla

CVE-2011-4356 python-celery: Privilege escalation due improper sanitization of --uid and --gid arguments in certain tools (CELERYSA-0001)↗2011-11-28

▶