Description

In Apache Archiva 2.0.0 - 2.2.3, it is possible to write files to the archiva server at arbitrary locations by using the artifact upload mechanism. Existing files can be overwritten, if the archiva run user has appropriate permission on the filesystem for the target file.

Remediation

References

http://archiva.apache.org/security.html#CVE-2019-0214

http://packetstormsecurity.com/files/152684/Apache-Archiva-2.2.3-File-Write-Delete.html

http://www.openwall.com/lists/oss-security/2019/04/30/8

http://www.securityfocus.com/bid/108124

https://lists.apache.org/thread.html/18b670afc2f83034f47ebeb2f797c350fe60f1f2b33c95b95f467ef8%40%3Cannounce.apache.org%3E

https://lists.apache.org/thread.html/239349b6dd8f66cf87a70c287b03af451dea158b776d3dfc550b4f0e%40%3Cusers.maven.apache.org%3E

https://lists.apache.org/thread.html/5851cb0214f22ba681fb445870eeb6b01afd1fb614e45a22978d7dda%40%3Cusers.archiva.apache.org%3E

https://lists.apache.org/thread.html/ada0052409d8a4a8c4eb2c7fd6b9cd9423bc753d5fce87eb826662fb%40%3Cissues.archiva.apache.org%3E

https://seclists.org/bugtraq/2019/Apr/48

Related Vulnerabilities

CVE-2022-46686 Vulnerability in maven package io.jenkins.plugins:custom-build-properties

CVE-2016-4465 Vulnerability in maven package org.apache.struts.xwork:xwork-core

CVE-2018-1000170 Vulnerability in maven package org.jenkins-ci.main:jenkins-core

CVE-2018-11775 Vulnerability in maven package org.apache.activemq:activemq-broker

CVE-2022-25312 Vulnerability in maven package org.apache.any23:apache-any23

Severity

High

Classification

CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N

Tags

Vendor Advisory Mitigation Third Party Advisory VDB Entry Mailing List NVD-CWE-noinfo