CVE-2020-7599

{"id": "CVE-2020-7599", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 3.3, "accessVector": "ADJACENT_NETWORK", "vectorString": "AV:A/AC:L/Au:N/C:P/I:N/A:N", "authentication": "NONE", "integrityImpact": "NONE", "accessComplexity": "LOW", "availabilityImpact": "NONE", "confidentialityImpact": "PARTIAL"}, "acInsufInfo": false, "impactScore": 2.9, "baseSeverity": "LOW", "obtainAllPrivilege": false, "exploitabilityScore": 6.5, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}], "cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 6.5, "attackVector": "ADJACENT_NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 3.6, "exploitabilityScore": 2.8}]}, "published": "2020-03-30T19:15:17.467", "references": [{"url": "https://blog.gradle.org/plugin-portal-update", "tags": ["Vendor Advisory"], "source": "report@snyk.io"}, {"url": "https://snyk.io/vuln/SNYK-JAVA-COMGRADLEPLUGINPUBLISH-559866", "tags": ["Third Party Advisory"], "source": "report@snyk.io"}, {"url": "https://blog.gradle.org/plugin-portal-update", "tags": ["Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://snyk.io/vuln/SNYK-JAVA-COMGRADLEPLUGINPUBLISH-559866", "tags": ["Third Party Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-532"}]}], "descriptions": [{"lang": "en", "value": "All versions of com.gradle.plugin-publish before 0.11.0 are vulnerable to Insertion of Sensitive Information into Log File. When a plugin author publishes a Gradle plugin while running Gradle with the --info log level flag, the Gradle Logger logs an AWS pre-signed URL. If this build log is publicly visible (as it is in many popular public CI systems like TravisCI) this AWS pre-signed URL would allow a malicious actor to replace a recently uploaded plugin with their own."}, {"lang": "es", "value": "Todas las versiones de com.gradle.plugin-publishing anteriores a 0.11.0, son vulnerables a la Inserci\u00f3n de Informaci\u00f3n Confidencial en el Archivo de Registro (Log File). Cuando un autor del plugin publica un plugin de Gradle mientras ejecuta Gradle con el flag de nivel de registro --info, Gradle Logger registra una URL pre-firmada de AWS. Si este registro de compilaci\u00f3n es visible p\u00fablicamente (como lo es en muchos sistemas de CI p\u00fablicos populares como TravisCI), esta URL pre-firmada por AWS permitir\u00eda que un actor malicioso reemplace un plugin subido recientemente por el suyo."}], "lastModified": "2024-11-21T05:37:27.023", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:gradle:plugin_publishing:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "7375D0C7-B1FD-4EAD-A388-F9CA9A14F222", "versionEndExcluding": "0.11.0"}], "operator": "OR"}]}], "sourceIdentifier": "report@snyk.io"}