Lucene search

K
cve[email protected]CVE-2021-21290
HistoryFeb 08, 2021 - 8:15 p.m.

CVE-2021-21290

2021-02-0820:15:00
CWE-379
CWE-378
web.nvd.nist.gov
286
23
netty
vulnerability
cve-2021-21290
unix-like systems
information disclosure
temporary directory
security patch

5.5 Medium

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

5.9 Medium

AI Score

Confidence

High

1.9 Low

CVSS2

Access Vector

LOCAL

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:L/AC:M/Au:N/C:P/I:N/A:N

0.0004 Low

EPSS

Percentile

11.6%

Netty is an open-source, asynchronous event-driven network application framework for rapid development of maintainable high performance protocol servers & clients. In Netty before version 4.1.59.Final there is a vulnerability on Unix-like systems involving an insecure temp file. When nettyโ€™s multipart decoders are used local information disclosure can occur via the local system temporary directory if temporary storing uploads on the disk is enabled. On unix-like systems, the temporary directory is shared between all user. As such, writing to this directory using APIs that do not explicitly set the file/directory permissions can lead to information disclosure. Of note, this does not impact modern MacOS Operating Systems. The method โ€œFile.createTempFileโ€ on unix-like systems creates a random file, but, by default will create this file with the permissions โ€œ-rw-rโ€“rโ€“โ€. Thus, if sensitive information is written to this file, other local users can read this information. This is the case in nettyโ€™s โ€œAbstractDiskHttpDataโ€ is vulnerable. This has been fixed in version 4.1.59.Final. As a workaround, one may specify your own โ€œjava.io.tmpdirโ€ when you start the JVM or use โ€œDefaultHttpDataFactory.setBaseDir(โ€ฆ)โ€ to set the directory to something that is only readable by the current user.

References

Social References

More

5.5 Medium

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

5.9 Medium

AI Score

Confidence

High

1.9 Low

CVSS2

Access Vector

LOCAL

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:L/AC:M/Au:N/C:P/I:N/A:N

0.0004 Low

EPSS

Percentile

11.6%