gsd-2021-40525
Vulnerability from gsd
Modified
2023-12-13 01:23
Details
Apache James ManagedSieve implementation alongside with the file storage for sieve scripts is vulnerable to path traversal, allowing reading and writing any file. This vulnerability had been patched in Apache James 3.6.1 and higher. We recommend the upgrade. Distributed and Cassandra based products are also not impacted.
Aliases
Aliases
{
"GSD": {
"alias": "CVE-2021-40525",
"description": "Apache James ManagedSieve implementation alongside with the file storage for sieve scripts is vulnerable to path traversal, allowing reading and writing any file. This vulnerability had been patched in Apache James 3.6.1 and higher. We recommend the upgrade. Distributed and Cassandra based products are also not impacted.",
"id": "GSD-2021-40525"
},
"gsd": {
"metadata": {
"exploitCode": "unknown",
"remediation": "unknown",
"reportConfidence": "confirmed",
"type": "vulnerability"
},
"osvSchema": {
"aliases": [
"CVE-2021-40525"
],
"details": "Apache James ManagedSieve implementation alongside with the file storage for sieve scripts is vulnerable to path traversal, allowing reading and writing any file. This vulnerability had been patched in Apache James 3.6.1 and higher. We recommend the upgrade. Distributed and Cassandra based products are also not impacted.",
"id": "GSD-2021-40525",
"modified": "2023-12-13T01:23:25.438012Z",
"schema_version": "1.4.0"
}
},
"namespaces": {
"cve.org": {
"CVE_data_meta": {
"ASSIGNER": "security@apache.org",
"ID": "CVE-2021-40525",
"STATE": "PUBLIC",
"TITLE": "Sieve file storage vulnerable to path traversal attacks"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Apache James",
"version": {
"version_data": [
{
"version_affected": "\u003c=",
"version_name": "Apache James",
"version_value": "3.6.0"
}
]
}
}
]
},
"vendor_name": "Apache Software Foundation"
}
]
}
},
"credit": [
{
"lang": "eng",
"value": "The Apache James PMC would like to thanks Benoit TELLIER for the report."
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Apache James ManagedSieve implementation alongside with the file storage for sieve scripts is vulnerable to path traversal, allowing reading and writing any file. This vulnerability had been patched in Apache James 3.6.1 and higher. We recommend the upgrade. Distributed and Cassandra based products are also not impacted."
}
]
},
"generator": {
"engine": "Vulnogram 0.0.9"
},
"impact": [
{}
],
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-22 Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.openwall.com/lists/oss-security/2022/01/04/4",
"refsource": "MISC",
"url": "https://www.openwall.com/lists/oss-security/2022/01/04/4"
},
{
"name": "[oss-security] 20220104 CVE-2021-40525: Apache James: Sieve file storage vulnerable to path traversal attacks",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2022/01/04/4"
},
{
"name": "[oss-security] 20220207 CVE-2022-22931: Path traversal in Apache James",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2022/02/07/1"
}
]
},
"source": {
"defect": [
"JAMES-3646"
],
"discovery": "UNKNOWN"
},
"work_around": [
{
"lang": "eng",
"value": "This could also be mitigated by ensuring manageSieve is disabled, which is the case by default.\n"
}
]
},
"gitlab.com": {
"advisories": [
{
"affected_range": "(,3.6.1)",
"affected_versions": "All versions before 3.6.1",
"cvss_v2": "AV:N/AC:L/Au:N/C:P/I:P/A:N",
"cvss_v3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N",
"cwe_ids": [
"CWE-1035",
"CWE-22",
"CWE-352",
"CWE-937"
],
"date": "2022-02-08",
"description": "Apache James ManagedSieve implementation alongside with the file storage for sieve scripts is vulnerable to path traversal, allowing reading and writing any file. This vulnerability had been patched in Apache James 3.6.1 and higher. We recommend the upgrade. Distributed and Cassandra based products are also not impacted.",
"fixed_versions": [
"3.6.1"
],
"identifier": "CVE-2021-40525",
"identifiers": [
"GHSA-c38m-7h53-g9v4",
"CVE-2021-40525"
],
"not_impacted": "All versions starting from 3.6.1",
"package_slug": "maven/org.apache.james/james-server",
"pubdate": "2022-01-21",
"solution": "Upgrade to version 3.6.1 or above.",
"title": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)",
"urls": [
"https://nvd.nist.gov/vuln/detail/CVE-2021-40525",
"https://www.openwall.com/lists/oss-security/2022/01/04/4",
"http://www.openwall.com/lists/oss-security/2022/01/04/4",
"http://www.openwall.com/lists/oss-security/2022/02/07/1",
"https://github.com/advisories/GHSA-c38m-7h53-g9v4"
],
"uuid": "0969a939-e9a8-40a4-8f46-3914466ad199"
},
{
"affected_range": "(,3.6.2)",
"affected_versions": "All versions before 3.6.2",
"cvss_v2": "AV:N/AC:L/Au:N/C:P/I:P/A:N",
"cvss_v3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N",
"cwe_ids": [
"CWE-1035",
"CWE-22",
"CWE-937"
],
"date": "2022-03-29",
"description": "Apache James ManagedSieve implementation alongside with the file storage for sieve scripts is vulnerable to path traversal, allowing reading and writing any file. This vulnerability had been patched in Apache James and higher. We recommend the upgrade. Distributed and Cassandra based products are also not impacted.",
"fixed_versions": [
"3.6.2"
],
"identifier": "CVE-2021-40525",
"identifiers": [
"CVE-2021-40525"
],
"not_impacted": "All versions starting from 3.6.2",
"package_slug": "maven/org.jamesframework/james",
"pubdate": "2022-01-04",
"solution": "Upgrade to version 3.6.2 or above.",
"title": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)",
"urls": [
"https://nvd.nist.gov/vuln/detail/CVE-2021-40525",
"https://www.openwall.com/lists/oss-security/2022/01/04/4",
"http://www.openwall.com/lists/oss-security/2022/01/04/4"
],
"uuid": "fd587279-0b8e-4e93-86ba-09905dd15a5b"
}
]
},
"nvd.nist.gov": {
"configurations": {
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:apache:james:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "3.6.2",
"vulnerable": true
}
],
"operator": "OR"
}
]
},
"cve": {
"CVE_data_meta": {
"ASSIGNER": "security@apache.org",
"ID": "CVE-2021-40525"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "en",
"value": "Apache James ManagedSieve implementation alongside with the file storage for sieve scripts is vulnerable to path traversal, allowing reading and writing any file. This vulnerability had been patched in Apache James 3.6.1 and higher. We recommend the upgrade. Distributed and Cassandra based products are also not impacted."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "en",
"value": "CWE-22"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.openwall.com/lists/oss-security/2022/01/04/4",
"refsource": "MISC",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://www.openwall.com/lists/oss-security/2022/01/04/4"
},
{
"name": "[oss-security] 20220104 CVE-2021-40525: Apache James: Sieve file storage vulnerable to path traversal attacks",
"refsource": "MLIST",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://www.openwall.com/lists/oss-security/2022/01/04/4"
},
{
"name": "[oss-security] 20220207 CVE-2022-22931: Path traversal in Apache James",
"refsource": "MLIST",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://www.openwall.com/lists/oss-security/2022/02/07/1"
}
]
}
},
"impact": {
"baseMetricV2": {
"acInsufInfo": false,
"cvssV2": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 6.4,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 4.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"userInteractionRequired": false
},
"baseMetricV3": {
"cvssV3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.2
}
},
"lastModifiedDate": "2022-03-29T16:34Z",
"publishedDate": "2022-01-04T09:15Z"
}
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.
Loading…
Loading…