GHSA-W29M-FJP4-QHMQ
Vulnerability from github – Published: 2020-01-30 21:21 – Updated: 2021-01-14 17:45
Summary
Unsafe Identifiers in Opencast
Details
Impact
Opencast accepts almost arbitrary identifiers for media packages and media package elements. This is a problem for both operation and security, because such identifiers are sometimes used directly in file system operations: an attacker-controlled identifier that contains path traversal sequences can escape the working directory and cause files to be written to other locations.
In addition, the differing behaviour of Id.toString(…) and Id.compact(…), the latter of which tries to mitigate some of the file system problems by rewriting the identifier, can cause errors due to identifier mismatch, since an identifier may unintentionally change between the two representations.
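The two problems described above, shown side by side in an added example that is not Opencast's own code: an unchecked identifier joined into a working-directory path, a compact()-style rewrite that keeps the path contained but silently changes the identifier, and a hardened variant that rejects anything outside an allowlist and re-checks containment after normalization. The class name, the allowlist pattern, the working directory and the identifiers are constructed for illustration and are assumptions, not Opencast's API.

```java
import java.nio.file.Path;
import java.nio.file.Paths;
import java.util.regex.Pattern;

/** Added example (hypothetical class): safe vs. unsafe use of identifiers in file system paths. */
public final class IdentifierPaths {

    /** Hypothetical allowlist: a leading alphanumeric, then up to 127 of [A-Za-z0-9._-]. */
    private static final Pattern SAFE_ID = Pattern.compile("[A-Za-z0-9][A-Za-z0-9._-]{0,127}");

    /** Vulnerable pattern: caller-supplied identifiers are joined into a path unchecked. */
    static Path unsafeElementPath(Path workDir, String mediaPackageId, String elementId) {
        return workDir.resolve(mediaPackageId).resolve(elementId);
    }

    /**
     * A compact()-style rewrite: replaces unsafe characters instead of rejecting the identifier.
     * The path stays inside workDir, but the identifier is silently changed, so a lookup keyed
     * on the original string no longer matches, and distinct inputs can collide.
     */
    static String compact(String id) {
        return id.replaceAll("[^A-Za-z0-9._-]", "_");
    }

    /** Hardened: reject anything outside the allowlist, then verify containment after normalizing. */
    static Path safeElementPath(Path workDir, String mediaPackageId, String elementId) {
        Path base = workDir.toAbsolutePath().normalize();
        Path target = base.resolve(requireSafeId(mediaPackageId))
                          .resolve(requireSafeId(elementId))
                          .normalize();
        // Defence in depth: even if the allowlist is loosened later, never leave the working directory.
        if (!target.startsWith(base) || target.equals(base)) {
            throw new IllegalArgumentException("identifier escapes working directory: " + target);
        }
        return target;
    }

    /** Rejects (rather than rewrites) identifiers that do not match the allowlist. */
    static String requireSafeId(String id) {
        if (id == null || !SAFE_ID.matcher(id).matches()) {
            throw new IllegalArgumentException("unsafe identifier: " + id);
        }
        return id;
    }

    public static void main(String[] args) {
        Path work = Paths.get("/var/opencast/work");   // hypothetical working directory
        String mp = "mp-1";                              // constructed identifiers
        String traversal = "../../etc/cron.d/job";
        String absolute = "/etc/passwd";

        // Unchecked: a traversal identifier leaves the working directory, and an absolute one
        // makes Path.resolve() discard the base entirely.
        System.out.println(unsafeElementPath(work, mp, traversal).normalize());
        System.out.println(unsafeElementPath(work, mp, absolute));

        // Rewriting: contained, but the stored identifier differs from the one the caller used,
        // and two different identifiers map to the same file name.
        System.out.println(compact(traversal));
        System.out.println(compact("a/b").equals(compact("a_b")));
        System.out.println(compact(traversal).equals(traversal));

        // Rejecting: bad identifiers never reach the file system.
        System.out.println(safeElementPath(work, mp, "track-1.mp4"));
        for (String bad : new String[] {traversal, absolute, "..", ".hidden"}) {
            try {
                safeElementPath(work, mp, bad);
            } catch (IllegalArgumentException e) {
                System.out.println("rejected: " + e.getMessage());
            }
        }
    }
}
```

On a Unix file system the unchecked call with the traversal identifier normalizes to a path under /var/opencast/etc, outside the working directory, and the absolute identifier resolves to /etc/passwd because Path.resolve() returns an absolute argument unchanged. The compact() rewrite maps both "a/b" and "a_b" to "a_b" and no longer equals the original identifier, which is the mismatch the advisory describes; rejecting at the boundary avoids both the traversal and the mismatch.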
Patches
This issue is fixed in Opencast 7.6 and 8.1.
Workarounds
There is no workaround for this.
For more information
If you have any questions or comments about this advisory:
- Open an issue in opencast/opencast
- For security-relevant information, email us at security@opencast.org
Severity
7.7 (High)
{
"affected": [
{
"package": {
"ecosystem": "Maven",
"name": "org.opencastproject:base"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "7.6"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "Maven",
"name": "org.opencastproject:base"
},
"ranges": [
{
"events": [
{
"introduced": "8.0"
},
{
"fixed": "8.1"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [
"CVE-2020-5230"
],
"database_specific": {
"cwe_ids": [
"CWE-99"
],
"github_reviewed": true,
"github_reviewed_at": "2020-01-30T20:35:35Z",
"nvd_published_at": null,
"severity": "MODERATE"
},
"details": "### Impact\n\nOpencast allows almost arbitrary identifiers for media packages and\nelements to be used. This can be problematic for operation and security\nsince such identifiers are sometimes used for file system operations\nwhich may lead to an attacker being able to escape working directories and\nwrite files to other locations.\n\nIn addition, Opencast\u0027s Id.toString(\u2026) vs Id.compact(\u2026) behavior,\nthe latter trying to mitigate some of the file system problems, can\ncause errors due to identifier mismatch since an identifier may\nunintentionally change.\n\n### Patches\n\nThis issue is fixed in Opencast 7.6 and 8.1.\n\n### Workarounds\n\nThere is no workaround for this.\n\n### For more information\n\nIf you have any questions or comments about this advisory:\n\n- Open an issue in [opencast/opencast](https://github.com/opencast/opencast/issues)\n- For security-relevant information, email us at security@opencast.org",
"id": "GHSA-w29m-fjp4-qhmq",
"modified": "2021-01-14T17:45:47Z",
"published": "2020-01-30T21:21:50Z",
"references": [
{
"type": "WEB",
"url": "https://github.com/opencast/opencast/security/advisories/GHSA-w29m-fjp4-qhmq"
},
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-5230"
},
{
"type": "WEB",
"url": "https://github.com/opencast/opencast/commit/bbb473f34ab95497d6c432c81285efb0c739f317"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:N",
"type": "CVSS_V3"
}
],
"summary": "Unsafe Identifiers in Opencast"
}