CVE-2015-1834

{"id": "CVE-2015-1834", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 4.0, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:S/C:N/I:P/A:N", "authentication": "SINGLE", "integrityImpact": "PARTIAL", "accessComplexity": "LOW", "availabilityImpact": "NONE", "confidentialityImpact": "NONE"}, "acInsufInfo": true, "impactScore": 2.9, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 8.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}], "cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 6.5, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "LOW", "confidentialityImpact": "NONE"}, "impactScore": 3.6, "exploitabilityScore": 2.8}]}, "published": "2017-05-25T17:29:00.287", "references": [{"url": "http://www.securityfocus.com/bid/98691", "tags": ["Third Party Advisory", "VDB Entry"], "source": "security_alert@emc.com"}, {"url": "https://pivotal.io/security/cve-2015-1834", "tags": ["Vendor Advisory"], "source": "security_alert@emc.com"}, {"url": "http://www.securityfocus.com/bid/98691", "tags": ["Third Party Advisory", "VDB Entry"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://pivotal.io/security/cve-2015-1834", "tags": ["Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-22"}]}], "descriptions": [{"lang": "en", "value": "A path traversal vulnerability was identified in the Cloud Foundry component Cloud Controller that affects cf-release versions prior to v208 and Pivotal Cloud Foundry Elastic Runtime versions prior to 1.4.2. Path traversal is the 'outbreak' of a given directory structure through relative file paths in the user input. It aims at accessing files and directories that are stored outside the web root folder, for disallowed reading or even executing arbitrary system commands. An attacker could use a certain parameter of the file path for instance to inject '../' sequences in order to navigate through the file system. In this particular case a remote authenticated attacker can exploit the identified vulnerability in order to upload arbitrary files to the server running a Cloud Controller instance - outside the isolated application container."}, {"lang": "es", "value": "Una vulnerabilidad de salto de directorio ha sido identificada en el componente Cloud Controller de Cloud Foundry, versiones anteriores a la v208 y en Pivotal Cloud Foundry Elastic Runtime, versiones anteriores a la 1.4.2. Un salto de directorio puede originarse a trav\u00e9s de una estructura de directorios relativa a la ruta de un fichero apuntada en una entrada de usuario. El objetivo es el acceso a ficheros y directorios situados fuera de la carpeta web ra\u00edz, con la finalidad de realizar lecturas no autorizadas o incluso ejecutar comandos de sistema arbitrarios. Un atacante podr\u00eda utilizar un cierto par\u00e1metro de la ruta del fichero para p.e. inyectar secuencias de '../' para navegar a trav\u00e9s del sistema de ficheros. En este caso particular, un atacante remoto autenticado pudr\u00eda explotar esta vulnerabilidad para cargar ficheros arbitrarios en el servidor donde se est\u00e1 ejecutando una instancia de Cloud Controller fuera del contenedor que a\u00edsla a la aplicaci\u00f3n."}], "lastModified": "2024-11-21T02:26:14.327", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:cloudfoundry:cf-release:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "2C42A408-570D-42C3-B5AF-C173D14B7CE6", "versionEndIncluding": "207"}, {"criteria": "cpe:2.3:a:pivotal_software:cloud_foundry_elastic_runtime:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "567FE032-B2D3-47EC-9CCB-2298311C1924", "versionEndIncluding": "1.4.1"}], "operator": "OR"}]}], "sourceIdentifier": "security_alert@emc.com"}