Description

In Apache Archiva 2.0.0 - 2.2.3, it is possible to write files to the archiva server at arbitrary locations by using the artifact upload mechanism. Existing files can be overwritten, if the archiva run user has appropriate permission on the filesystem for the target file.

Remediation

References

http://archiva.apache.org/security.html#CVE-2019-0214

http://packetstormsecurity.com/files/152684/Apache-Archiva-2.2.3-File-Write-Delete.html

http://www.openwall.com/lists/oss-security/2019/04/30/8

http://www.securityfocus.com/bid/108124

https://lists.apache.org/thread.html/18b670afc2f83034f47ebeb2f797c350fe60f1f2b33c95b95f467ef8%40%3Cannounce.apache.org%3E

https://lists.apache.org/thread.html/239349b6dd8f66cf87a70c287b03af451dea158b776d3dfc550b4f0e%40%3Cusers.maven.apache.org%3E

https://lists.apache.org/thread.html/5851cb0214f22ba681fb445870eeb6b01afd1fb614e45a22978d7dda%40%3Cusers.archiva.apache.org%3E

https://lists.apache.org/thread.html/ada0052409d8a4a8c4eb2c7fd6b9cd9423bc753d5fce87eb826662fb%40%3Cissues.archiva.apache.org%3E

https://seclists.org/bugtraq/2019/Apr/48

Related Vulnerabilities

CVE-2020-2217 Vulnerability in maven package org.jenkins-ci.plugins:compatibility-action-storage

CVE-2021-29480 Vulnerability in maven package io.ratpack:ratpack-session

CVE-2023-28675 Vulnerability in maven package org.jenkinsci.plugins:octoperf

CVE-2020-2271 Vulnerability in maven package org.jenkins-ci.plugins:locked-files-report

CVE-2022-46684 Vulnerability in maven package com.checkmarx.jenkins:checkmarx

Severity

High

Classification

CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N

Tags

Vendor Advisory Mitigation Third Party Advisory VDB Entry Mailing List NVD-CWE-noinfo