Lucene search

GoogleOSV:GHSA-VP62-M958-QJ8C

HistoryJan 04, 2023 - 12:30 a.m.

Gravitee API Management contains Path Traversal

2023-01-0400:30:26

Google

osv.dev

gravitee api management

html injection

path traversal

cve-2019-25075

email service

arbitrary files

vulnerability

patch

3.15.13

CVSS3

8.6

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N

EPSS

0.002

Percentile

53.2%

JSON

This CVE addresses the partial fix for CVE-2019-25075

Gravitee API Management before 3.15.13 allows path traversal through HTML injection. A certain HTML injection combined with path traversal in the Email service in Gravitee API Management before 3.15.13 allows anonymous users to read arbitrary files via a /management/users/register request.

A patch was published in 2019 for this vulnerability but did not appear to have solved the issue. Version 3.15.13 did remove the flaw.

References

community.gravitee.io/t/whats-new-in-access-management-3-15-lts/164

gist.github.com/garatc/d86cdb1fa2e35a7ee719d9a0de0b5ca3

github.com/advisories/GHSA-xc4w-28g8-vqm5

github.com/gravitee-io/gravitee-api-management

nvd.nist.gov/vuln/detail/CVE-2022-38723

CVSS3

8.6

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N

EPSS

0.002

Percentile

53.2%

JSON

Related for OSV:GHSA-VP62-M958-QJ8C