cnvd - cnvd-2020-20709

CNVD-2020-20709

Vulnerability from cnvd - Published: 2020-04-01

Title

Eclipse Theia数据伪造问题漏洞

Description

Eclipse Theia是Eclipse基金会的一套基于Visual Studio Code的用于桌面和Web应用程序的开源集成开发环境框架。 Eclipse Theia 0.3.9版本至0.15.0版本中存在数据伪造问题漏洞。远程攻击者可利用该漏洞读取主机文件系统上所指定路径下的文件内容。

Severity

高

Patch Name

Eclipse Theia数据伪造问题漏洞的补丁

Patch Description

Eclipse Theia是Eclipse基金会的一套基于Visual Studio Code的用于桌面和Web应用程序的开源集成开发环境框架。 Eclipse Theia 0.3.9版本至0.15.0版本中存在数据伪造问题漏洞。远程攻击者可利用该漏洞读取主机文件系统上所指定路径下的文件内容。目前，供应商发布了安全公告及相关补丁信息，修复了此漏洞。

Formal description

目前厂商已发布升级补丁以修复漏洞，补丁获取链接： https://bugs.eclipse.org/bugs/show_bug.cgi?id=551747

Reference

https://nvd.nist.gov/vuln/detail/CVE-2019-17636

Impacted products

Name
Eclipse Eclipse Theia >=0.3.9，<=0.15.0

Show details on source website

JSON

To clipboard

{
  "cves": {
    "cve": {
      "cveNumber": "CVE-2019-17636",
      "cveUrl": "https://nvd.nist.gov/vuln/detail/CVE-2019-17636"
    }
  },
  "description": "Eclipse Theia\u662fEclipse\u57fa\u91d1\u4f1a\u7684\u4e00\u5957\u57fa\u4e8eVisual Studio Code\u7684\u7528\u4e8e\u684c\u9762\u548cWeb\u5e94\u7528\u7a0b\u5e8f\u7684\u5f00\u6e90\u96c6\u6210\u5f00\u53d1\u73af\u5883\u6846\u67b6\u3002\n\nEclipse Theia 0.3.9\u7248\u672c\u81f30.15.0\u7248\u672c\u4e2d\u5b58\u5728\u6570\u636e\u4f2a\u9020\u95ee\u9898\u6f0f\u6d1e\u3002\u8fdc\u7a0b\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u8bfb\u53d6\u4e3b\u673a\u6587\u4ef6\u7cfb\u7edf\u4e0a\u6240\u6307\u5b9a\u8def\u5f84\u4e0b\u7684\u6587\u4ef6\u5185\u5bb9\u3002",
  "formalWay": "\u76ee\u524d\u5382\u5546\u5df2\u53d1\u5e03\u5347\u7ea7\u8865\u4e01\u4ee5\u4fee\u590d\u6f0f\u6d1e\uff0c\u8865\u4e01\u83b7\u53d6\u94fe\u63a5\uff1a\r\nhttps://bugs.eclipse.org/bugs/show_bug.cgi?id=551747",
  "isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
  "number": "CNVD-2020-20709",
  "openTime": "2020-04-01",
  "patchDescription": "Eclipse Theia\u662fEclipse\u57fa\u91d1\u4f1a\u7684\u4e00\u5957\u57fa\u4e8eVisual Studio Code\u7684\u7528\u4e8e\u684c\u9762\u548cWeb\u5e94\u7528\u7a0b\u5e8f\u7684\u5f00\u6e90\u96c6\u6210\u5f00\u53d1\u73af\u5883\u6846\u67b6\u3002\r\n\r\nEclipse Theia 0.3.9\u7248\u672c\u81f30.15.0\u7248\u672c\u4e2d\u5b58\u5728\u6570\u636e\u4f2a\u9020\u95ee\u9898\u6f0f\u6d1e\u3002\u8fdc\u7a0b\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u8bfb\u53d6\u4e3b\u673a\u6587\u4ef6\u7cfb\u7edf\u4e0a\u6240\u6307\u5b9a\u8def\u5f84\u4e0b\u7684\u6587\u4ef6\u5185\u5bb9\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
  "patchName": "Eclipse Theia\u6570\u636e\u4f2a\u9020\u95ee\u9898\u6f0f\u6d1e\u7684\u8865\u4e01",
  "products": {
    "product": "Eclipse Eclipse Theia \u003e=0.3.9\uff0c\u003c=0.15.0"
  },
  "referenceLink": "https://nvd.nist.gov/vuln/detail/CVE-2019-17636",
  "serverity": "\u9ad8",
  "submitTime": "2020-03-24",
  "title": "Eclipse Theia\u6570\u636e\u4f2a\u9020\u95ee\u9898\u6f0f\u6d1e"
}

CVE-2019-17636 (GCVE-0-2019-17636)

Vulnerability from cvelistv5 – Published: 2020-03-10 14:30 – Updated: 2024-08-05 01:47

Summary

In Eclipse Theia versions 0.3.9 through 0.15.0, one of the default pre-packaged Theia extensions is "Mini-Browser", published as "@theia/mini-browser" on npmjs.com. This extension, for its own needs, exposes a HTTP endpoint that allows to read the content of files on the host's filesystem, given their path, without restrictions on the requester's origin. This design is vulnerable to being exploited remotely through a DNS rebinding attack or a drive-by download of a carefully crafted exploit.

Severity ?

No CVSS data available.

CWE

CWE-345 - CWE: CWE-345: Insufficient Verification of Data Authenticity

Assigner

eclipse

References

URL

Tags

https://bugs.eclipse.org/bugs/show_bug.cgi?id=551747

x_refsource_CONFIRM

Impacted products

	Vendor	Product	Version
	The Eclipse Foundation	Eclipse Theia	Affected: 0.3.9 to 0.15.0

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T01:47:13.536Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugs.eclipse.org/bugs/show_bug.cgi?id=551747"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Eclipse Theia",
          "vendor": "The Eclipse Foundation",
          "versions": [
            {
              "status": "affected",
              "version": "0.3.9 to 0.15.0"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In Eclipse Theia versions 0.3.9 through 0.15.0, one of the default pre-packaged Theia extensions is \"Mini-Browser\", published as \"@theia/mini-browser\" on npmjs.com. This extension, for its own needs, exposes a HTTP endpoint that allows to read the content of files on the host\u0027s filesystem, given their path, without restrictions on the requester\u0027s origin. This design is vulnerable to being exploited remotely through a DNS rebinding attack or a drive-by download of a carefully crafted exploit."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-345",
              "description": "CWE: CWE-345: Insufficient Verification of Data Authenticity",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2020-03-10T14:30:14",
        "orgId": "e51fbebd-6053-4e49-959f-1b94eeb69a2c",
        "shortName": "eclipse"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugs.eclipse.org/bugs/show_bug.cgi?id=551747"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "security@eclipse.org",
          "ID": "CVE-2019-17636",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Eclipse Theia",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "0.3.9 to 0.15.0"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "The Eclipse Foundation"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "In Eclipse Theia versions 0.3.9 through 0.15.0, one of the default pre-packaged Theia extensions is \"Mini-Browser\", published as \"@theia/mini-browser\" on npmjs.com. This extension, for its own needs, exposes a HTTP endpoint that allows to read the content of files on the host\u0027s filesystem, given their path, without restrictions on the requester\u0027s origin. This design is vulnerable to being exploited remotely through a DNS rebinding attack or a drive-by download of a carefully crafted exploit."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE: CWE-345: Insufficient Verification of Data Authenticity"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://bugs.eclipse.org/bugs/show_bug.cgi?id=551747",
              "refsource": "CONFIRM",
              "url": "https://bugs.eclipse.org/bugs/show_bug.cgi?id=551747"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "e51fbebd-6053-4e49-959f-1b94eeb69a2c",
    "assignerShortName": "eclipse",
    "cveId": "CVE-2019-17636",
    "datePublished": "2020-03-10T14:30:14",
    "dateReserved": "2019-10-16T00:00:00",
    "dateUpdated": "2024-08-05T01:47:13.536Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CNVD-2020-20709

CVE-2019-17636 (GCVE-0-2019-17636)

Tags

Sightings

Nomenclature