Description

In Apache Archiva 2.0.0 - 2.2.3, it is possible to write files to the archiva server at arbitrary locations by using the artifact upload mechanism. Existing files can be overwritten, if the archiva run user has appropriate permission on the filesystem for the target file.

Remediation

References

http://archiva.apache.org/security.html#CVE-2019-0214

http://packetstormsecurity.com/files/152684/Apache-Archiva-2.2.3-File-Write-Delete.html

http://www.openwall.com/lists/oss-security/2019/04/30/8

http://www.securityfocus.com/bid/108124

https://lists.apache.org/thread.html/18b670afc2f83034f47ebeb2f797c350fe60f1f2b33c95b95f467ef8%40%3Cannounce.apache.org%3E

https://lists.apache.org/thread.html/239349b6dd8f66cf87a70c287b03af451dea158b776d3dfc550b4f0e%40%3Cusers.maven.apache.org%3E

https://lists.apache.org/thread.html/5851cb0214f22ba681fb445870eeb6b01afd1fb614e45a22978d7dda%40%3Cusers.archiva.apache.org%3E

https://lists.apache.org/thread.html/ada0052409d8a4a8c4eb2c7fd6b9cd9423bc753d5fce87eb826662fb%40%3Cissues.archiva.apache.org%3E

https://seclists.org/bugtraq/2019/Apr/48

Related Vulnerabilities

CVE-2018-16131 Vulnerability in maven package com.typesafe.akka:akka-http-core_2.12

CVE-2022-28135 Vulnerability in maven package org.jvnet.hudson.plugins:instant-messaging

CVE-2020-10687 Vulnerability in maven package io.undertow:undertow-core

CVE-2021-34435 Vulnerability in npm package @theia/mini-browser

CVE-2022-42466 Vulnerability in maven package org.apache.isis.extensions:isis-extensions-fullcalendar-applib

Severity

High

Classification

CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N

Tags

Vendor Advisory Mitigation Third Party Advisory VDB Entry Mailing List NVD-CWE-noinfo