Veracode Vulnerability Database VERACODE:43955

Arbitrary File Write

2023-10-24 04:47:27
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
Tags: arbitrary file write, path traversal, io.scala, zip, jar, pullremotecache, resolvers.remote, software

CVSS3: 7.1
Attack Vector: LOCAL
Attack Complexity: LOW
Privileges Required: NONE
User Interaction: REQUIRED
Scope: UNCHANGED
Confidentiality Impact: NONE
Integrity Impact: HIGH
Availability Impact: HIGH
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:H

AI Score: 7.1
Confidence: High
EPSS: 0.001
Percentile: 21.0%

sbt is vulnerable to Path Traversal. The vulnerability results from the absence of path sanitization in the IO.scala file: entry names in an archive are not checked against the destination directory, so an attacker can write files outside the expected directory. An attacker can exploit this by supplying a maliciously crafted zip or JAR file that is extracted with IO.unzip, which sbt uses in the pullRemoteCache task and in Resolvers.remote; the resulting arbitrary file write could reach sensitive files such as /root/.ssh/authorized_keys.
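The defensive check the advisory describes as missing, shown as an added example rather than sbt's own code: before any archive entry is written, its name is normalised and the resolved target is required to stay inside the destination directory. The archive below is constructed inline with one benign entry, one "../" traversal entry and one absolute-path entry; the function names, the sample entry names and the use of Python's zipfile module are all assumptions of this example, not anything from sbt or IO.scala.

```python
"""Added example (not sbt's own code): extract a zip/JAR while refusing any
entry whose resolved path escapes the destination directory. This is the
sanitization step the advisory says IO.unzip lacked. The sample archive is
constructed in memory below."""
import io
import os
import tempfile
import zipfile
from pathlib import Path, PurePosixPath


def is_safe_entry(dest: Path, name: str) -> bool:
    """Return True only if archive entry `name` resolves inside `dest`.

    Rejects empty names, absolute names (POSIX or Windows style), drive
    prefixes, and any '..' component. The final realpath comparison catches
    anything the component checks miss (e.g. symlinked destination dirs)."""
    if not name or name.startswith(("/", "\\")) or ":" in name.split("/")[0]:
        return False
    # Zip entry names are '/'-separated, so normalise with POSIX semantics.
    parts = PurePosixPath(name).parts
    if ".." in parts:
        return False
    dest_real = os.path.realpath(dest)
    target = os.path.realpath(os.path.join(dest_real, *parts))
    return target == dest_real or target.startswith(dest_real + os.sep)


def safe_unzip(archive: bytes, dest: Path) -> tuple[list[str], list[str]]:
    """Extract `archive` into `dest`, skipping unsafe entries.

    Returns (written, rejected) entry names so a caller (or a log line) can
    record that a hostile archive was seen, rather than silently dropping it."""
    dest = Path(dest)
    dest.mkdir(parents=True, exist_ok=True)
    written: list[str] = []
    rejected: list[str] = []
    with zipfile.ZipFile(io.BytesIO(archive)) as zf:
        for info in zf.infolist():
            if not is_safe_entry(dest, info.filename):
                rejected.append(info.filename)
                continue
            out = Path(os.path.join(dest, *PurePosixPath(info.filename).parts))
            if info.is_dir():
                out.mkdir(parents=True, exist_ok=True)
            else:
                out.parent.mkdir(parents=True, exist_ok=True)
                out.write_bytes(zf.read(info))
            written.append(info.filename)
    return written, rejected


def build_sample_archive() -> bytes:
    """Constructed sample archive: one benign entry and two hostile ones.
    zipfile.writestr stores the names verbatim, so the traversal survives."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("lib/ok.txt", "fine\n")
        zf.writestr("../../escape.txt", "must not be written outside dest\n")
        zf.writestr("/abs/path.txt", "absolute names are rejected too\n")
    return buf.getvalue()


def demo() -> tuple[list[str], list[str]]:
    """Run the safe extraction against the sample archive in a scratch dir."""
    with tempfile.TemporaryDirectory() as tmp:
        return safe_unzip(build_sample_archive(), Path(tmp) / "out")


if __name__ == "__main__":
    written, rejected = demo()
    print("written :", written)
    print("rejected:", rejected)
```

The rejected list is the useful signal for a build server: a cache or resolver archive that contains even one traversal entry is hostile, and logging or failing the task on a non-empty rejected list is preferable to quietly extracting the rest.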

Affected configurations

Vulners Node:
  veracode sbt, range 1.9.6 - 1.9.6
  OR
  veracode sbt, range 2.0.0-alpha7 - 2.0.0-alpha7

Vendor: veracode
Product: sbt
Version: *
CPE: cpe:2.3:a:veracode:sbt:*:*:*:*:*:*:*:*
