Lucene search

[email protected]NVD:CVE-2024-2221

HistoryApr 10, 2024 - 5:15 p.m.

CVE-2024-2221

2024-04-1017:15:54

CWE-434

[email protected]

web.nvd.nist.gov

qdrant

path traversal

arbitrary file upload

collections

snapshots

upload

vulnerability

filesystem

remote code execution

integrity

availability

unauthorized access

server malfunction

CVSS3

9.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

AI Score

9.9

Confidence

High

EPSS

Percentile

9.0%

JSON

qdrant/qdrant is vulnerable to a path traversal and arbitrary file upload vulnerability via the /collections/{COLLECTION}/snapshots/upload endpoint, specifically through the snapshot parameter. This vulnerability allows attackers to upload and overwrite any file on the filesystem, leading to potential remote code execution. This issue affects the integrity and availability of the system, enabling unauthorized access and potentially causing the server to malfunction.

References

github.com/qdrant/qdrant/commit/e6411907f0ecf3c2f8ba44ab704b9e4597d9705d

huntr.com/bounties/6be8d4e3-67e6-4660-a8db-04215a1cff3e

CVSS3

9.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

AI Score

9.9

Confidence

High

EPSS

Percentile

9.0%

JSON

Related for NVD:CVE-2024-2221

cve1 vulnrichment1 cvelist1 osv1