Back to Advisories
🔔 CVE Advisory

CVE-2021-37941

Elastic APM

A local privilege escalation issue was found with the APM Java agent, where a user on the system could attach a malicious file to an application running with the APM Java agent. Using this vector, a malicious or compromised user account could use the agent to run commands at a higher level of permissions than they possess.

Year 2021
Published November 19, 2021

Advisory Information

Affected Product Elastic APM
Title CVE-2021-37941
Description

A local privilege escalation issue was found with the APM Java agent, where a user on the system could attach a malicious file to an application running with the APM Java agent. Using this vector, a malicious or compromised user account could use the agent to run commands at a higher level of permissions than they possess.

Year 2021
Published Date November 19, 2021
View Full CVE Advisory

Affected Vendors

E
Elastic

Research Team

TP
Trung Pham