CVE-2018-8008

5.5MEDIUM

Key Information:

Vendor: Apache
Status: Apache Storm
Vendor: CVE Published:; 5 June 2018

Summary

Apache Storm version 1.0.6 and earlier, 1.2.1 and earlier, and version 1.1.2 and earlier expose an arbitrary file write vulnerability, that can be achieved using a specially crafted zip archive (affects other archives as well, bzip2, tar, xz, war, cpio, 7z), that holds path traversal filenames. So when the filename gets concatenated to the target extraction directory, the final path ends up outside of the target folder.

Affected Version(s)

Apache Storm Apache Storm 1.0.6 and earlier, 1.2.1 and earlier, and version 1.1.2 and earlier

References

https://lists.apache.org/thread.html/613b2fca8bcd0a3b12c0...

x_refsource_CONFIRM

http://www.securityfocus.com/bid/104418

vdb-entryx_refsource_BID

CVSS V3.1

Score:

5.5

Severity:

MEDIUM

Confidentiality:

None

Integrity:

High

Availability:

None

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

Required

Scope:

Unchanged

Timeline

Vulnerability published
Jun 5, 2018
Vulnerability Reserved
Mar 9, 2018