How To Fix CVE-2021-42392, A Critical Unauthenticated RCE In H2 Database Console?

What Is H2 Database?

What Is JNDI?

About The CVE-2021-42392 Vulnerability (An RCE Vulnerability In H2 Database Console):

  1. H2 Web Console: This is the most prevalent vector. It is an embedded web-based console that, by default, is reachable from a browser at http://localhost:8082.
  2. H2 Shell Tool: This command-line tool is a second path through which an attacker can trigger the vulnerability.
  3. SQL-Based Vectors: The vulnerability can also be triggered through several stored procedures that the H2 database ships with by default.

H2 Database Versions Vulnerable To The CVE-2021-42392 Vulnerability:

How To Check If The System Is Vulnerable To The CVE-2021-42392 Vulnerability?

nmap -sV --script http-title --script-args "http-title.url=/" -p80,443,8000-9000 192.168.0.0/24 | grep "H2 Console"
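The grep above only tells you that a title matched somewhere; the following parser, added here as an example and not part of the original post, walks nmap's normal output and reports the address and port of every host whose http-title reports an H2 Console. The scan output it runs on is a constructed sample, and the parser assumes nmap's standard "Nmap scan report for ..." / "port/proto open" / "|_http-title:" line layout.

```python
import re

# Constructed sample of nmap "normal" output, as the scan command above would print it
SAMPLE_NMAP_OUTPUT = """\
Nmap scan report for 192.168.0.10
Host is up (0.0012s latency).
PORT     STATE SERVICE VERSION
8082/tcp open  http    Jetty
|_http-title: H2 Console
9000/tcp open  http    nginx 1.18.0
|_http-title: Welcome to nginx!

Nmap scan report for db-host.example (192.168.0.25)
PORT     STATE SERVICE VERSION
8080/tcp open  http    Jetty
|_http-title: H2 Console
443/tcp  open  ssl/http Apache httpd
|_http-title: Site doesn't have a title (text/html).

Nmap scan report for 192.168.0.40
All 1003 scanned ports on 192.168.0.40 are closed
"""

# nmap prints "Nmap scan report for name (ip)" when a hostname resolves, else just the address
HOST_RE = re.compile(r"^Nmap scan report for (\S+)(?: \(([\d.]+)\))?")
PORT_RE = re.compile(r"^(\d+)/(?:tcp|udp)\s+open\b")
TITLE_RE = re.compile(r"^\|_http-title: (.*)$")

def find_h2_consoles(nmap_output, marker="H2 Console"):
    """Return (address, port, title) for each open port whose http-title contains marker."""
    hits, host, port = [], None, None
    for line in nmap_output.splitlines():
        m = HOST_RE.match(line)
        if m:
            host = m.group(2) or m.group(1)  # prefer the IP when both are printed
            port = None  # a title line before any port line belongs to no service
            continue
        m = PORT_RE.match(line)
        if m:
            port = int(m.group(1))
            continue
        m = TITLE_RE.match(line)
        if m and host and port and marker in m.group(1):
            hits.append((host, port, m.group(1).strip()))
    return hits

if __name__ == "__main__":
    for addr, port, title in find_h2_consoles(SAMPLE_NMAP_OUTPUT):
        print(f"{addr}:{port}  {title}")
```

Feed it the saved output of the nmap command above (run without the trailing grep) to get a host:port inventory of exposed consoles to follow up on.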

How To Fix CVE-2021-42392, A Critical Unauthenticated RCE In H2 Database Console?

  1. These Java versions do not load remote codebases through JNDI by default, so on them the mitigation is effectively enabled out of the box. Upgrading Java to one of these versions is recommended.

Thesecmasterblog