Description
WildFly Core before version 6.0.0.Alpha3 does not properly validate file paths in .war archives, allowing for the extraction of crafted .war archives to overwrite arbitrary files. This is an instance of the 'Zip Slip' vulnerability.
It was found that the explode function of the deployment utility in jboss-cli and the console, which extracts files from an archive, does not perform the necessary validation against directory traversal. This can lead to remote code execution.
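The defect described above is the missing check between an archive entry's name and the directory it is extracted into. The following is an added illustration (not WildFly or jboss-cli code, and written in Python rather than Java for brevity) of the validation an extractor needs: every entry path is resolved against the destination directory and refused if it escapes it. The archive it processes is constructed inline and contains one benign entry and one crafted `../` entry; the function names `is_within` and `safe_extract` are this example's own.

```python
"""Zip Slip check: validate every archive entry path against the target
directory before writing anything.  Added example, not project code."""
import io
import os
import tempfile
import zipfile


def is_within(base: str, target: str) -> bool:
    """True if `target` still resolves inside `base` after normalisation.

    realpath collapses '..' segments and symlinks so that a comparison on
    the raw string cannot be bypassed with 'deploy/../..' style names."""
    base = os.path.realpath(base)
    target = os.path.realpath(target)
    return os.path.commonpath([base, target]) == base


def safe_extract(zip_bytes: bytes, dest_dir: str):
    """Extract zip_bytes into dest_dir, refusing traversal entries.

    Returns (extracted, rejected): lists of entry names in archive order."""
    extracted, rejected = [], []
    with zipfile.ZipFile(io.BytesIO(zip_bytes)) as zf:
        for info in zf.infolist():
            name = info.filename
            candidate = os.path.join(dest_dir, name)
            # Absolute names and names that resolve outside dest_dir are
            # exactly the entries a crafted archive uses to overwrite files.
            if os.path.isabs(name) or not is_within(dest_dir, candidate):
                rejected.append(name)
                continue
            if name.endswith("/"):
                os.makedirs(candidate, exist_ok=True)
            else:
                os.makedirs(os.path.dirname(candidate), exist_ok=True)
                with zf.open(info) as src, open(candidate, "wb") as dst:
                    dst.write(src.read())
            extracted.append(name)
    return extracted, rejected


def build_sample_archive() -> bytes:
    """Constructed sample: one benign .war-style entry and one traversal entry."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("WEB-INF/web.xml", "<web-app/>")
        zf.writestr("../outside.txt", "must never be written")
    return buf.getvalue()


def demo():
    """Run the check in a throw-away directory.

    Returns (extracted, rejected, outside_written); outside_written is True
    only if the crafted entry escaped the deployment directory."""
    with tempfile.TemporaryDirectory() as tmp:
        dest = os.path.join(tmp, "deploy")
        os.makedirs(dest)
        extracted, rejected = safe_extract(build_sample_archive(), dest)
        outside_written = os.path.exists(os.path.join(tmp, "outside.txt"))
        return extracted, rejected, outside_written


if __name__ == "__main__":
    print(demo())
```

The same comparison belongs in any unpacker, whatever the language: build the candidate path, canonicalise it, and confirm the destination is a prefix of the result before opening the file for writing.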
Statement
This vulnerability can only be exploited by users with deployment permissions.
Affected packages
| Platform | Package | State | Recommendation | Release |
|---|---|---|---|---|
| JBoss Developer Studio 11 | wildfly | Not affected | | |
| Red Hat BPM Suite 6 | wildfly | Not affected | | |
| Red Hat Fuse 7 | wildfly | Not affected | | |
| Red Hat JBoss BRMS 6 | wildfly | Not affected | | |
| Red Hat JBoss Data Grid 6 | wildfly | Not affected | | |
| Red Hat JBoss Data Virtualization 6 | wildfly | Out of support scope | | |
| Red Hat JBoss Enterprise Application Platform 6 | wildfly | Not affected | | |
| Red Hat JBoss Fuse 6 | wildfly | Not affected | | |
| Red Hat JBoss Operations Network 3 | wildfly | Not affected | | |
| Red Hat OpenShift Application Runtimes | wildfly | Affected | | |
Additional information
CVSS3 base score: 7.6 (High)
Related vulnerabilities
Improper Limitation of a Pathname to a Restricted Directory in WildFly (CVSS3 7.6, High): WildFly Core before version 6.0.0.Alpha3 does not properly validate file paths in .war archives, allowing for the extraction of crafted .war archives to overwrite arbitrary files. This is an instance of the 'Zip Slip' vulnerability.