Local File Truncation Vulnerability in WhiteBeam Software
CVE-2021-47688

5.7MEDIUM

Key Information:

Vendor: Whitebeam
Status: Whitebeam
Vendor: CVE Published:; 23 June 2025

What is CVE-2021-47688?

In versions 0.2.0 through 0.2.1 of WhiteBeam, a vulnerability allows users with local access to the server to exploit the allow-list functionality. This is achieved through a flaw in the OpenFileDescriptor action, permitting the file to be truncated prior to the execution of the VerifyCanWrite action. This misconfiguration could result in unauthorized data manipulation by effectively bypassing security protocols designed to restrict file access.

Affected Version(s)

WhiteBeam 0.2.0 < 0.2.2

References

https://github.com/WhiteBeamSec/WhiteBeam/security/adviso...

https://github.com/WhiteBeamSec/WhiteBeam/security/policy

https://github.com/WhiteBeamSec/WhiteBeam/pull/22

CVSS V3.1

Score:

5.7

Severity:

MEDIUM

Confidentiality:

None

Integrity:

Low

Availability:

None

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Changed

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jun 23, 2025
Vulnerability Reserved
Jun 23, 2025

Whitebeam

What is CVE-2021-47688?

Affected Version(s)

References

CVSS V3.1

Timeline