The org.h2.util.JdbcUtils.getConnection method of the H2 database takes as parameters the class name of the driver and URL of the database. An attacker may pass a JNDI driver name and a URL leading to a LDAP or RMI servers, causing remote code execution. This can be exploited through various attack vectors, most notably through the H2 Console which leads to unauthenticated remote code execution.
References
Link | Resource |
---|---|
https://github.com/h2database/h2database/security/advisories/GHSA-h376-j262-vhq6 | Mitigation Third Party Advisory |
https://jfrog.com/blog/the-jndi-strikes-back-unauthenticated-rce-in-h2-database-console/ | Exploit Technical Description Vendor Advisory |
https://lists.debian.org/debian-lts-announce/2022/02/msg00017.html | Mailing List Third Party Advisory |
https://security.netapp.com/advisory/ntap-20220119-0001/ | Third Party Advisory |
https://www.debian.org/security/2022/dsa-5076 | Third Party Advisory |
https://www.oracle.com/security-alerts/cpuapr2022.html | Patch Third Party Advisory |
https://www.secpod.com/blog/log4shell-critical-remote-code-execution-vulnerability-in-h2database-console/ |
Configurations
Configuration 1 (hide)
|
Configuration 2 (hide)
|
Configuration 3 (hide)
|
History
24 Feb 2023, 22:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
03 Sep 2022, 03:30
Type | Values Removed | Values Added |
---|---|---|
CPE | cpe:2.3:a:oracle:communications_cloud_native_core_policy:1.15.0:*:*:*:*:*:*:* | |
References | (MISC) https://www.oracle.com/security-alerts/cpuapr2022.html - Patch, Third Party Advisory | |
First Time |
Oracle
Oracle communications Cloud Native Core Policy |
20 Apr 2022, 00:16
Type | Values Removed | Values Added |
---|---|---|
References |
|
17 Mar 2022, 16:55
Type | Values Removed | Values Added |
---|---|---|
References | (CONFIRM) https://security.netapp.com/advisory/ntap-20220119-0001/ - Third Party Advisory | |
References | (MLIST) https://lists.debian.org/debian-lts-announce/2022/02/msg00017.html - Mailing List, Third Party Advisory | |
References | (MISC) https://github.com/h2database/h2database/security/advisories/GHSA-h376-j262-vhq6 - Mitigation, Third Party Advisory | |
References | (DEBIAN) https://www.debian.org/security/2022/dsa-5076 - Third Party Advisory | |
CPE | cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:* cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:* cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:* |
|
First Time |
Debian
Debian debian Linux |
16 Feb 2022, 16:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
15 Feb 2022, 02:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
19 Jan 2022, 23:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
19 Jan 2022, 14:35
Type | Values Removed | Values Added |
---|---|---|
References | (MISC) https://jfrog.com/blog/the-jndi-strikes-back-unauthenticated-rce-in-h2-database-console/ - Exploit, Technical Description, Vendor Advisory | |
References | (MISC) https://github.com/h2database/h2database/security/advisories/GHSA-h376-j262-vhq6 - Issue Tracking, Third Party Advisory | |
CWE | CWE-502 | |
CPE | cpe:2.3:a:h2database:h2:*:*:*:*:*:*:*:* | |
CVSS |
v2 : v3 : |
v2 : 10.0
v3 : 9.8 |
First Time |
H2database h2
H2database |
12 Jan 2022, 17:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
10 Jan 2022, 14:14
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2022-01-10 14:10
Updated : 2023-12-10 14:09
NVD link : CVE-2021-42392
Mitre link : CVE-2021-42392
CVE.ORG link : CVE-2021-42392
JSON object : View
Products Affected
h2database
- h2
oracle
- communications_cloud_native_core_policy
debian
- debian_linux
CWE
CWE-502
Deserialization of Untrusted Data