Imperative Framework Privilege Escalation Vulnerability

Imperative Framework Privilege Escalation Vulnerability

CVE-2021-4326 · HIGH Severity

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

A vulnerability in Imperative framework which allows already-privileged local actors to execute arbitrary shell commands via plugin install/update commands, or maliciously formed environment variables. Impacts Zowe CLI.

Learn more about our Web Application Penetration Testing UK.