CVE-2024-52522

Rclone is a command-line program to sync files and directories to and from different cloud storage providers. Insecure handling of symlinks with --links and --metadata in rclone while copying to local disk allows unprivileged users to indirectly modify ownership and permissions on symlink target files when a superuser or privileged process performs a copy. This vulnerability could enable privilege escalation and unauthorized access to critical system files, compromising system integrity, confidentiality, and availability. This vulnerability is fixed in 1.68.2.

CVSS

No CVSS.

References

Link	Resource
https://github.com/rclone/rclone/commit/01ccf204f42b4f68541b16843292439090a2dcf0
https://github.com/rclone/rclone/security/advisories/GHSA-hrxh-9w67-g4cv

Configurations

No configuration.

History

21 Nov 2024, 15:15

Type	Values Removed	Values Added
CVSS	v2 : ~~unknown~~ v3 : ~~5.5~~	v2 : unknown v3 : unknown

18 Nov 2024, 17:11

Type	Values Removed	Values Added
Summary		(es) Rclone es un programa de línea de comandos para sincronizar archivos y directorios desde y hacia diferentes proveedores de almacenamiento en la nube. El manejo inseguro de enlaces simbólicos con --links y --metadata en rclone mientras se copia al disco local permite a los usuarios sin privilegios modificar indirectamente la propiedad y los permisos en los archivos de destino de los enlaces simbólicos cuando un superusuario o un proceso privilegiado realiza una copia. Esta vulnerabilidad podría permitir la escalada de privilegios y el acceso no autorizado a archivos críticos del sistema, lo que compromete la integridad, la confidencialidad y la disponibilidad del sistema. Esta vulnerabilidad se corrigió en la versión 1.68.2.

15 Nov 2024, 19:35

Type	Values Removed	Values Added
CVSS	v2 : ~~unknown~~ v3 : ~~unknown~~	v2 : unknown v3 : 5.5

15 Nov 2024, 18:15

Type	Values Removed	Values Added
New CVE

Information

Published : 2024-11-15 18:15

Updated : 2024-11-21 15:15

NVD link : CVE-2024-52522

Mitre link : CVE-2024-52522

CVE.ORG link : CVE-2024-52522

JSON object : View

Products Affected

No product.

CWE

CWE-59

Improper Link Resolution Before File Access ('Link Following')

CWE-61

UNIX Symbolic Link (Symlink) Following

CWE-281

Improper Preservation of Permissions

{"id": "CVE-2024-52522", "metrics": {"cvssMetricV40": [{"type": "Secondary", "source": "security-advisories@github.com", "cvssData": {"safety": "NOT_DEFINED", "version": "4.0", "recovery": "NOT_DEFINED", "baseScore": 5.4, "automatable": "NOT_DEFINED", "attackVector": "LOCAL", "baseSeverity": "MEDIUM", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:A/VC:H/VI:H/VA:H/SC:L/SI:L/SA:L/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", "exploitMaturity": "NOT_DEFINED", "providerUrgency": "NOT_DEFINED", "userInteraction": "ACTIVE", "attackComplexity": "LOW", "attackRequirements": "PRESENT", "privilegesRequired": "LOW", "modifiedAttackVector": "NOT_DEFINED", "integrityRequirements": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "availabilityRequirements": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "subsequentSystemIntegrity": "LOW", "vulnerableSystemIntegrity": "HIGH", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "confidentialityRequirements": "NOT_DEFINED", "vulnerabilityResponseEffort": "NOT_DEFINED", "subsequentSystemAvailability": "LOW", "vulnerableSystemAvailability": "HIGH", "subsequentSystemConfidentiality": "LOW", "vulnerableSystemConfidentiality": "HIGH", "modifiedSubsequentSystemIntegrity": "NOT_DEFINED", "modifiedVulnerableSystemIntegrity": "NOT_DEFINED", "modifiedSubsequentSystemAvailability": "NOT_DEFINED", "modifiedVulnerableSystemAvailability": "NOT_DEFINED", "modifiedSubsequentSystemConfidentiality": "NOT_DEFINED", "modifiedVulnerableSystemConfidentiality": "NOT_DEFINED"}}]}, "published": "2024-11-15T18:15:30.643", "references": [{"url": "https://github.com/rclone/rclone/commit/01ccf204f42b4f68541b16843292439090a2dcf0", "source": "security-advisories@github.com"}, {"url": "https://github.com/rclone/rclone/security/advisories/GHSA-hrxh-9w67-g4cv", "source": "security-advisories@github.com"}], "vulnStatus": "Awaiting Analysis", "weaknesses": [{"type": "Secondary", "source": "security-advisories@github.com", "description": [{"lang": "en", "value": "CWE-59"}, {"lang": "en", "value": "CWE-61"}, {"lang": "en", "value": "CWE-281"}]}], "descriptions": [{"lang": "en", "value": "Rclone is a command-line program to sync files and directories to and from different cloud storage providers. Insecure handling of symlinks with --links and --metadata in rclone while copying to local disk allows unprivileged users to indirectly modify ownership and permissions on symlink target files when a superuser or privileged process performs a copy. This vulnerability could enable privilege escalation and unauthorized access to critical system files, compromising system integrity, confidentiality, and availability. This vulnerability is fixed in 1.68.2."}, {"lang": "es", "value": "Rclone es un programa de l\u00ednea de comandos para sincronizar archivos y directorios desde y hacia diferentes proveedores de almacenamiento en la nube. El manejo inseguro de enlaces simb\u00f3licos con --links y --metadata en rclone mientras se copia al disco local permite a los usuarios sin privilegios modificar indirectamente la propiedad y los permisos en los archivos de destino de los enlaces simb\u00f3licos cuando un superusuario o un proceso privilegiado realiza una copia. Esta vulnerabilidad podr\u00eda permitir la escalada de privilegios y el acceso no autorizado a archivos cr\u00edticos del sistema, lo que compromete la integridad, la confidencialidad y la disponibilidad del sistema. Esta vulnerabilidad se corrigi\u00f3 en la versi\u00f3n 1.68.2."}], "lastModified": "2024-11-21T15:15:33.637", "sourceIdentifier": "security-advisories@github.com"}