CVE-2014-8114

The UberFire Framework 0.3.x does not properly restrict paths, which allows remote attackers to (1) execute arbitrary code by uploading crafted content to FileUploadServlet or (2) read arbitrary files via vectors involving FileDownloadServlet.

CVSS v2.0 6.8 MEDIUM

6.8^/10

CVSS v2.0 : MEDIUM

Vector : AV:N/AC:M/Au:N/C:P/I:P/A:P

Exploitability : 8.6 / Impact : 6.4

Access Vector NETWORK

Access Complexity MEDIUM

Authentication NONE

Confidentiality Impact PARTIAL

Integrity Impact PARTIAL

Availability Impact PARTIAL

References

Link	Resource
http://rhn.redhat.com/errata/RHSA-2015-0234.html	Vendor Advisory
http://rhn.redhat.com/errata/RHSA-2015-0235.html	Vendor Advisory
http://www.securityfocus.com/bid/88199
https://github.com/uberfire/uberfire/commit/21ec50eb15

Configurations

Configuration 1 (hide)

OR	cpe:2.3:a:redhat:uberfire:0.3.0:::::::*
	cpe:2.3:a:redhat:uberfire:0.3.1:::::::*
	cpe:2.3:a:redhat:uberfire:0.3.2:::::::*
	cpe:2.3:a:redhat:uberfire:0.3.3:::::::*

History

No history.

Information

Published : 2015-02-20 16:59

Updated : 2019-04-12 19:29

NVD link : CVE-2014-8114

Mitre link : CVE-2014-8114

CVE.ORG link : CVE-2014-8114

JSON object : View

Products Affected

redhat

uberfire

CWE

CWE-264

Permissions, Privileges, and Access Controls

{"id": "CVE-2014-8114", "cveTags": [], "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 6.8, "accessVector": "NETWORK", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "authentication": "NONE", "integrityImpact": "PARTIAL", "accessComplexity": "MEDIUM", "availabilityImpact": "PARTIAL", "confidentialityImpact": "PARTIAL"}, "acInsufInfo": false, "impactScore": 6.4, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 8.6, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}]}, "published": "2015-02-20T16:59:02.430", "references": [{"url": "http://rhn.redhat.com/errata/RHSA-2015-0234.html", "tags": ["Vendor Advisory"], "source": "secalert@redhat.com"}, {"url": "http://rhn.redhat.com/errata/RHSA-2015-0235.html", "tags": ["Vendor Advisory"], "source": "secalert@redhat.com"}, {"url": "http://www.securityfocus.com/bid/88199", "source": "secalert@redhat.com"}, {"url": "https://github.com/uberfire/uberfire/commit/21ec50eb15", "source": "secalert@redhat.com"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-264"}]}], "descriptions": [{"lang": "en", "value": "The UberFire Framework 0.3.x does not properly restrict paths, which allows remote attackers to (1) execute arbitrary code by uploading crafted content to FileUploadServlet or (2) read arbitrary files via vectors involving FileDownloadServlet."}, {"lang": "es", "value": "El Framework UberFire 0.3.x no restringe rutas correctamente, lo que permite a atacantes remotos (1) ejecutar c\u00f3digo arbitrario mediante la subida de un contenido manipulado en FileUploadServlet o (2) leer ficheros arbitrarios a trav\u00e9s de vectores que involucran FileDownloadServlet."}], "lastModified": "2019-04-12T19:29:00.223", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:redhat:uberfire:0.3.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D77C7E1E-DEB1-4274-A24B-E6055DDA7B28"}, {"criteria": "cpe:2.3:a:redhat:uberfire:0.3.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "93450F9F-B493-43B4-AA0B-4CFC560727A4"}, {"criteria": "cpe:2.3:a:redhat:uberfire:0.3.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "3689A871-C3E5-47D5-8A57-45B6C3643704"}, {"criteria": "cpe:2.3:a:redhat:uberfire:0.3.3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "583BBDC5-EFB4-482C-94EC-E529AE938091"}], "operator": "OR"}]}], "sourceIdentifier": "secalert@redhat.com"}