cnvd - cnvd-2022-70076

CNVD-2022-70076

Vulnerability from cnvd - Published: 2022-10-21

Title

Spinnaker路径遍历漏洞

Description

Spinnaker是一个持续交付平台。用于以高速度和信心发布软件变更。 Spinnaker存在路径遍历漏洞，该漏洞源于网络系统或产品未能正确地过滤资源或文件路径中的特殊元素。攻击者可利用此漏洞覆盖系统文件。

Severity

低

Patch Name

Spinnaker路径遍历漏洞的补丁

Patch Description

Spinnaker是一个持续交付平台。用于以高速度和信心发布软件变更。 Spinnaker存在路径遍历漏洞，该漏洞源于网络系统或产品未能正确地过滤资源或文件路径中的特殊元素。攻击者可利用此漏洞覆盖系统文件。目前，供应商发布了安全公告及相关补丁信息，修复了此漏洞。

Formal description

厂商已发布了漏洞修复程序，请及时关注更新： https://github.com/spinnaker/spinnaker/security/advisories/GHSA-34jx-3vmr-56v8

Reference

https://nvd.nist.gov/vuln/detail/CVE-2021-39143

Impacted products

Name
['Spinnaker Spinnaker <1.25.8', 'Spinnaker Spinnaker <1.26.7', 'Spinnaker Spinnaker <1.27.0']

Show details on source website

JSON

To clipboard

{
  "cves": {
    "cve": {
      "cveNumber": "CVE-2021-39143",
      "cveUrl": "https://nvd.nist.gov/vuln/detail/CVE-2021-39143"
    }
  },
  "description": "Spinnaker\u662f\u4e00\u4e2a\u6301\u7eed\u4ea4\u4ed8\u5e73\u53f0\u3002\u7528\u4e8e\u4ee5\u9ad8\u901f\u5ea6\u548c\u4fe1\u5fc3\u53d1\u5e03\u8f6f\u4ef6\u53d8\u66f4\u3002\n\nSpinnaker\u5b58\u5728\u8def\u5f84\u904d\u5386\u6f0f\u6d1e\uff0c\u8be5\u6f0f\u6d1e\u6e90\u4e8e\u7f51\u7edc\u7cfb\u7edf\u6216\u4ea7\u54c1\u672a\u80fd\u6b63\u786e\u5730\u8fc7\u6ee4\u8d44\u6e90\u6216\u6587\u4ef6\u8def\u5f84\u4e2d\u7684\u7279\u6b8a\u5143\u7d20\u3002\u653b\u51fb\u8005\u53ef\u5229\u7528\u6b64\u6f0f\u6d1e\u8986\u76d6\u7cfb\u7edf\u6587\u4ef6\u3002",
  "formalWay": "\u5382\u5546\u5df2\u53d1\u5e03\u4e86\u6f0f\u6d1e\u4fee\u590d\u7a0b\u5e8f\uff0c\u8bf7\u53ca\u65f6\u5173\u6ce8\u66f4\u65b0\uff1a\r\nhttps://github.com/spinnaker/spinnaker/security/advisories/GHSA-34jx-3vmr-56v8",
  "isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
  "number": "CNVD-2022-70076",
  "openTime": "2022-10-21",
  "patchDescription": "Spinnaker\u662f\u4e00\u4e2a\u6301\u7eed\u4ea4\u4ed8\u5e73\u53f0\u3002\u7528\u4e8e\u4ee5\u9ad8\u901f\u5ea6\u548c\u4fe1\u5fc3\u53d1\u5e03\u8f6f\u4ef6\u53d8\u66f4\u3002\r\n\r\nSpinnaker\u5b58\u5728\u8def\u5f84\u904d\u5386\u6f0f\u6d1e\uff0c\u8be5\u6f0f\u6d1e\u6e90\u4e8e\u7f51\u7edc\u7cfb\u7edf\u6216\u4ea7\u54c1\u672a\u80fd\u6b63\u786e\u5730\u8fc7\u6ee4\u8d44\u6e90\u6216\u6587\u4ef6\u8def\u5f84\u4e2d\u7684\u7279\u6b8a\u5143\u7d20\u3002\u653b\u51fb\u8005\u53ef\u5229\u7528\u6b64\u6f0f\u6d1e\u8986\u76d6\u7cfb\u7edf\u6587\u4ef6\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
  "patchName": "Spinnaker\u8def\u5f84\u904d\u5386\u6f0f\u6d1e\u7684\u8865\u4e01",
  "products": {
    "product": [
      "Spinnaker Spinnaker \u003c1.25.8",
      "Spinnaker Spinnaker \u003c1.26.7",
      "Spinnaker Spinnaker \u003c1.27.0"
    ]
  },
  "referenceLink": "https://nvd.nist.gov/vuln/detail/CVE-2021-39143",
  "serverity": "\u4f4e",
  "submitTime": "2022-01-06",
  "title": "Spinnaker\u8def\u5f84\u904d\u5386\u6f0f\u6d1e"
}

CVE-2021-39143 (GCVE-0-2021-39143)

Vulnerability from cvelistv5 – Published: 2022-01-04 17:25 – Updated: 2025-04-22 18:34

Summary

Spinnaker is an open source, multi-cloud continuous delivery platform. A path traversal vulnerability was discovered in uses of TAR files by AppEngine for deployments. This uses a utility to extract files locally for deployment without validating the paths in that deployment don't override system files. This would allow an attacker to override files on the container, POTENTIALLY introducing a MITM type attack vector by replacing libraries or injecting wrapper files. Users are advised to update as soon as possible. For users unable to update disable Google AppEngine deployments and/or disable artifacts that provide TARs.

Severity ?

6.6 (Medium)


                        
                          CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H

CWE

CWE-22 - Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

Assigner

GitHub_M

References

URL

Tags

https://github.com/spinnaker/spinnaker/security/a…

x_refsource_CONFIRM

Impacted products

	Vendor	Product	Version
	spinnaker	spinnaker	Affected: >= 1.26.0, < 1.26.7 Affected: >= 1.25.0, < 1.25.7 Affected: < 1.24.7

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T01:58:18.142Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/spinnaker/spinnaker/security/advisories/GHSA-34jx-3vmr-56v8"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2021-39143",
                "options": [
                  {
                    "Exploitation": "poc"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-04-22T15:52:32.456963Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-04-22T18:34:51.842Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "spinnaker",
          "vendor": "spinnaker",
          "versions": [
            {
              "status": "affected",
              "version": "\u003e= 1.26.0, \u003c 1.26.7"
            },
            {
              "status": "affected",
              "version": "\u003e= 1.25.0, \u003c 1.25.7"
            },
            {
              "status": "affected",
              "version": "\u003c 1.24.7"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "Spinnaker is an open source, multi-cloud continuous delivery platform. A path traversal vulnerability was discovered in uses of TAR files by AppEngine for deployments. This uses a utility to extract files locally for deployment without validating the paths in that deployment don\u0027t override system files. This would allow an attacker to override files on the container, POTENTIALLY introducing a MITM type attack vector by replacing libraries or injecting wrapper files. Users are advised to update as soon as possible. For users unable to update disable Google AppEngine deployments and/or disable artifacts that provide TARs."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 6.6,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "LOW",
            "integrityImpact": "LOW",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-22",
              "description": "CWE-22: Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2022-01-04T17:25:10.000Z",
        "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
        "shortName": "GitHub_M"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/spinnaker/spinnaker/security/advisories/GHSA-34jx-3vmr-56v8"
        }
      ],
      "source": {
        "advisory": "GHSA-34jx-3vmr-56v8",
        "discovery": "UNKNOWN"
      },
      "title": "Path Traversal in spinnaker",
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "security-advisories@github.com",
          "ID": "CVE-2021-39143",
          "STATE": "PUBLIC",
          "TITLE": "Path Traversal in spinnaker"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "spinnaker",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "\u003e= 1.26.0, \u003c 1.26.7"
                          },
                          {
                            "version_value": "\u003e= 1.25.0, \u003c 1.25.7"
                          },
                          {
                            "version_value": "\u003c 1.24.7"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "spinnaker"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Spinnaker is an open source, multi-cloud continuous delivery platform. A path traversal vulnerability was discovered in uses of TAR files by AppEngine for deployments. This uses a utility to extract files locally for deployment without validating the paths in that deployment don\u0027t override system files. This would allow an attacker to override files on the container, POTENTIALLY introducing a MITM type attack vector by replacing libraries or injecting wrapper files. Users are advised to update as soon as possible. For users unable to update disable Google AppEngine deployments and/or disable artifacts that provide TARs."
            }
          ]
        },
        "impact": {
          "cvss": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 6.6,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "LOW",
            "integrityImpact": "LOW",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H",
            "version": "3.1"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-22: Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://github.com/spinnaker/spinnaker/security/advisories/GHSA-34jx-3vmr-56v8",
              "refsource": "CONFIRM",
              "url": "https://github.com/spinnaker/spinnaker/security/advisories/GHSA-34jx-3vmr-56v8"
            }
          ]
        },
        "source": {
          "advisory": "GHSA-34jx-3vmr-56v8",
          "discovery": "UNKNOWN"
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
    "assignerShortName": "GitHub_M",
    "cveId": "CVE-2021-39143",
    "datePublished": "2022-01-04T17:25:10.000Z",
    "dateReserved": "2021-08-16T00:00:00.000Z",
    "dateUpdated": "2025-04-22T18:34:51.842Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CNVD-2022-70076

CVE-2021-39143 (GCVE-0-2021-39143)

Tags

Sightings

Nomenclature