CVE-2021-39143

Spinnaker is an open source, multi-cloud continuous delivery platform. A path traversal vulnerability was discovered in uses of TAR files by AppEngine for deployments. This uses a utility to extract files locally for deployment without validating the paths in that deployment don't override system files. This would allow an attacker to override files on the container, POTENTIALLY introducing a MITM type attack vector by replacing libraries or injecting wrapper files. Users are advised to update as soon as possible. For users unable to update disable Google AppEngine deployments and/or disable artifacts that provide TARs.

CVSS v3 6.6 MEDIUM
CVSS v2.0 3.6 LOW

6.6^/10

CVSS v3 : MEDIUM

Vector :

Exploitability : 1.8 / Impact : 4.7

Attack Vector LOCAL

Attack Complexity LOW

Privileges Required LOW

User Interaction NONE

Confidentiality Impact LOW

Integrity Impact LOW

Availability Impact HIGH

Scope UNCHANGED

3.6^/10

CVSS v2.0 : LOW

Vector : AV:L/AC:L/Au:N/C:P/I:P/A:N

Exploitability : 3.9 / Impact : 4.9

Access Vector LOCAL

Access Complexity LOW

Authentication NONE

Confidentiality Impact PARTIAL

Integrity Impact PARTIAL

Availability Impact NONE

References

Link	Resource
https://github.com/spinnaker/spinnaker/security/advisories/GHSA-34jx-3vmr-56v8	Exploit Technical Description Third Party Advisory
https://github.com/spinnaker/spinnaker/security/advisories/GHSA-34jx-3vmr-56v8	Exploit Technical Description Third Party Advisory

Configurations

Configuration 1 (hide)

OR	cpe:2.3:a:linuxfoundation:spinnaker::::::::
	cpe:2.3:a:linuxfoundation:spinnaker::::::::
	cpe:2.3:a:linuxfoundation:spinnaker::::::::

History

21 Nov 2024, 06:18

Type	Values Removed	Values Added
CVSS	v2 : ~~3.6~~ v3 : ~~7.1~~	v2 : 3.6 v3 : 6.6
References	~~() https://github.com/spinnaker/spinnaker/security/advisories/GHSA-34jx-3vmr-56v8 - Exploit, Technical Description, Third Party Advisory~~	() https://github.com/spinnaker/spinnaker/security/advisories/GHSA-34jx-3vmr-56v8 - Exploit, Technical Description, Third Party Advisory

Information

Published : 2022-01-04 18:15

Updated : 2024-11-21 06:18

NVD link : CVE-2021-39143

Mitre link : CVE-2021-39143

CVE.ORG link : CVE-2021-39143

JSON object : View

Products Affected

linuxfoundation

spinnaker

CWE

CWE-22

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

{"id": "CVE-2021-39143", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 3.6, "accessVector": "LOCAL", "vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:N", "authentication": "NONE", "integrityImpact": "PARTIAL", "accessComplexity": "LOW", "availabilityImpact": "NONE", "confidentialityImpact": "PARTIAL"}, "acInsufInfo": false, "impactScore": 4.9, "baseSeverity": "LOW", "obtainAllPrivilege": false, "exploitabilityScore": 3.9, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}], "cvssMetricV31": [{"type": "Secondary", "source": "security-advisories@github.com", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 6.6, "attackVector": "LOCAL", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H", "integrityImpact": "LOW", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "LOW"}, "impactScore": 4.7, "exploitabilityScore": 1.8}, {"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.1, "attackVector": "LOCAL", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "LOW", "confidentialityImpact": "HIGH"}, "impactScore": 5.2, "exploitabilityScore": 1.8}]}, "published": "2022-01-04T18:15:08.087", "references": [{"url": "https://github.com/spinnaker/spinnaker/security/advisories/GHSA-34jx-3vmr-56v8", "tags": ["Exploit", "Technical Description", "Third Party Advisory"], "source": "security-advisories@github.com"}, {"url": "https://github.com/spinnaker/spinnaker/security/advisories/GHSA-34jx-3vmr-56v8", "tags": ["Exploit", "Technical Description", "Third Party Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Secondary", "source": "security-advisories@github.com", "description": [{"lang": "en", "value": "CWE-22"}]}, {"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-22"}]}], "descriptions": [{"lang": "en", "value": "Spinnaker is an open source, multi-cloud continuous delivery platform. A path traversal vulnerability was discovered in uses of TAR files by AppEngine for deployments. This uses a utility to extract files locally for deployment without validating the paths in that deployment don't override system files. This would allow an attacker to override files on the container, POTENTIALLY introducing a MITM type attack vector by replacing libraries or injecting wrapper files. Users are advised to update as soon as possible. For users unable to update disable Google AppEngine deployments and/or disable artifacts that provide TARs."}, {"lang": "es", "value": "Spinnaker es una plataforma de entrega continua multi-nube de c\u00f3digo abierto. Se ha detectado una vulnerabilidad de salto de ruta en el uso de archivos TAR por parte de AppEngine para los despliegues. Esto usa una utilidad para extraer archivos localmente para el despliegue sin comprender las rutas en ese despliegue no anulan los archivos del sistema. Esto permitir\u00eda a un atacante anular archivos en el contenedor, introduciendo POTENCIALMENTE un vector de ataque de tipo MITM mediante la sustituci\u00f3n de bibliotecas o la inyecci\u00f3n de archivos wrapper. Se recomienda a usuarios que actualicen lo antes posible. Para los usuarios que no puedan actualizar, deshabiliten los despliegues de Google AppEngine y/o deshabiliten los artefactos que proporcionan TARs"}], "lastModified": "2024-11-21T06:18:41.313", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:linuxfoundation:spinnaker:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "51B41C20-068F-4C5A-9DFC-881BE5647DF7", "versionEndExcluding": "1.24.7"}, {"criteria": "cpe:2.3:a:linuxfoundation:spinnaker:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "35DF5CEB-C2A0-4E6B-A342-7F9D86FF8B98", "versionEndExcluding": "1.25.7", "versionStartIncluding": "1.25.0"}, {"criteria": "cpe:2.3:a:linuxfoundation:spinnaker:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "13D2C5A9-95F0-4DB0-9FEE-CA87850872D8", "versionEndExcluding": "1.26.7", "versionStartIncluding": "1.26.0"}], "operator": "OR"}]}], "sourceIdentifier": "security-advisories@github.com"}