{ "id": "CVE-2021-22118", "sourceIdentifier": "security@vmware.com", "published": "2021-05-27T15:15:07.437", "lastModified": "2022-10-25T20:57:05.947", "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "In Spring Framework, versions 5.2.x prior to 5.2.15 and versions 5.3.x prior to 5.3.7, a WebFlux application is vulnerable to a privilege escalation: by (re)creating the temporary storage directory, a locally authenticated malicious user can read or modify files that have been uploaded to the WebFlux application, or overwrite arbitrary files with multipart request data." }, { "lang": "es", "value": "En Spring Framework, versiones 5.2.x anteriores a 5.2.15 y versiones 5.3.x anteriores a 5.3.7, una aplicaci\u00f3n WebFlux es vulnerable a una escalada de privilegios: al (re)crear el directorio de almacenamiento temporal, un usuario malicioso autenticado localmente puede leer o modificar archivos que han sido subidos a la aplicaci\u00f3n WebFlux, o sobrescribir archivos arbitrarios con petici\u00f3n de datos de m\u00faltiples partes" } ], "metrics": { "cvssMetricV31": [ { "source": "nvd@nist.gov", "type": "Primary", "cvssData": { "version": "3.1", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "attackVector": "LOCAL", "attackComplexity": "LOW", "privilegesRequired": "LOW", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH" }, "exploitabilityScore": 1.8, "impactScore": 5.9 } ], "cvssMetricV2": [ { "source": "nvd@nist.gov", "type": "Primary", "cvssData": { "version": "2.0", "vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P", "accessVector": "LOCAL", "accessComplexity": "LOW", "authentication": "NONE", "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "baseScore": 4.6 }, "baseSeverity": "MEDIUM", "exploitabilityScore": 3.9, "impactScore": 6.4, "acInsufInfo": false, "obtainAllPrivilege": false, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false } ] }, "weaknesses": [ { "source": "nvd@nist.gov", "type": "Primary", "description": [ { "lang": "en", "value": "CWE-668" } ] }, { "source": "security@vmware.com", "type": "Secondary", "description": [ { "lang": "en", "value": "CWE-269" } ] } ], "configurations": [ { "nodes": [ { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": true, "criteria": "cpe:2.3:a:vmware:spring_framework:*:*:*:*:*:*:*:*", "versionStartIncluding": "5.2.0", "versionEndExcluding": "5.2.15", "matchCriteriaId": "F640822D-4742-4F05-B70C-82B83EE95D45" }, { "vulnerable": true, "criteria": "cpe:2.3:a:vmware:spring_framework:*:*:*:*:*:*:*:*", "versionStartIncluding": "5.3.0", "versionEndExcluding": "5.3.7", "matchCriteriaId": "F80D8729-8629-4DFF-8A09-8765E847EF01" } ] } ] }, { "nodes": [ { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": true, "criteria": "cpe:2.3:a:oracle:commerce_guided_search:11.3.2:*:*:*:*:*:*:*", "matchCriteriaId": "2A3622F5-5976-4BBC-A147-FC8A6431EA79" }, { "vulnerable": true, "criteria": "cpe:2.3:a:oracle:communications_brm_-_elastic_charging_engine:12.0.0.3:*:*:*:*:*:*:*", "matchCriteriaId": "06594847-96ED-4541-B2F4-C7331B603603" }, { "vulnerable": true, "criteria": "cpe:2.3:a:oracle:communications_cloud_native_core_binding_support_function:1.9.0:*:*:*:*:*:*:*", "matchCriteriaId": "868E7C46-7E45-4CFA-8A25-7CBFED912096" }, { "vulnerable": true, "criteria": "cpe:2.3:a:oracle:communications_cloud_native_core_policy:1.14.0:*:*:*:*:*:*:*", "matchCriteriaId": "4479F76A-4B67-41CC-98C7-C76B81050F8E" }, { "vulnerable": true, "criteria": "cpe:2.3:a:oracle:communications_cloud_native_core_security_edge_protection_proxy:1.6.0:*:*:*:*:*:*:*", "matchCriteriaId": "45E5C9B0-AB25-4744-88E4-FD0C4A853001" }, { "vulnerable": true, "criteria": "cpe:2.3:a:oracle:communications_cloud_native_core_service_communication_proxy:1.14.0:*:*:*:*:*:*:*", "matchCriteriaId": "0AB059F2-FEC4-4180-8A90-39965495055E" }, { "vulnerable": true, "criteria": "cpe:2.3:a:oracle:communications_cloud_native_core_unified_data_repository:1.14.0:*:*:*:*:*:*:*", "matchCriteriaId": "5A276784-877B-4A29-A8F1-70518A438A9A" }, { "vulnerable": true, "criteria": "cpe:2.3:a:oracle:communications_diameter_intelligence_hub:*:*:*:*:*:*:*:*", "versionStartIncluding": "8.0.0", "versionEndIncluding": "8.1.0", "matchCriteriaId": "B5B4A191-44AE-4C35-9164-19237D2CF013" }, { "vulnerable": true, "criteria": "cpe:2.3:a:oracle:communications_diameter_intelligence_hub:*:*:*:*:*:*:*:*", "versionStartIncluding": "8.2.0", "versionEndIncluding": "8.2.3", "matchCriteriaId": "A543B4F8-149A-48AB-B388-AB7FA2ECAC18" }, { "vulnerable": true, "criteria": "cpe:2.3:a:oracle:communications_element_manager:*:*:*:*:*:*:*:*", "versionStartIncluding": "8.2.0", "versionEndIncluding": "8.2.4.0", "matchCriteriaId": "0331877D-D5DB-4EE8-8220-C1CDC3F90CB0" }, { "vulnerable": true, "criteria": "cpe:2.3:a:oracle:communications_interactive_session_recorder:6.4:*:*:*:*:*:*:*", "matchCriteriaId": "E812639B-EE28-4C68-9F6F-70C8BF981C86" }, { "vulnerable": true, "criteria": "cpe:2.3:a:oracle:communications_network_integrity:7.3.6:*:*:*:*:*:*:*", "matchCriteriaId": "B21E6EEF-2AB7-4E96-B092-1F49D11B4175" }, { "vulnerable": true, "criteria": "cpe:2.3:a:oracle:communications_session_report_manager:*:*:*:*:*:*:*:*", "versionStartIncluding": "8.0.0", "versionEndIncluding": "8.2.4.0", "matchCriteriaId": "9B7C949D-0AB3-4566-9096-014C82FC1CF1" }, { "vulnerable": true, "criteria": "cpe:2.3:a:oracle:communications_session_route_manager:*:*:*:*:*:*:*:*", "versionStartIncluding": "8.0.0", "versionEndIncluding": "8.2.4.0", "matchCriteriaId": "3E419C70-9516-4C63-997B-60B20E30A30D" }, { "vulnerable": true, "criteria": "cpe:2.3:a:oracle:communications_unified_inventory_management:7.4.1:*:*:*:*:*:*:*", "matchCriteriaId": "A7637F8B-15F1-42E2-BE18-E1FF7C66587D" }, { "vulnerable": true, "criteria": "cpe:2.3:a:oracle:communications_unified_inventory_management:7.4.2:*:*:*:*:*:*:*", "matchCriteriaId": "E43D793A-7756-4D58-A8ED-72DC4EC9CEA7" }, { "vulnerable": true, "criteria": "cpe:2.3:a:oracle:communications_unified_inventory_management:7.5.0:*:*:*:*:*:*:*", "matchCriteriaId": "0EBC7EB1-FD72-4BFC-92CC-7C8B8E462D7C" }, { "vulnerable": true, "criteria": "cpe:2.3:a:oracle:documaker:*:*:*:*:*:*:*:*", "versionStartIncluding": "12.6.0", "versionEndIncluding": "12.6.4", "matchCriteriaId": "135D531C-A692-4BE3-AB8C-37BB0D35559A" }, { "vulnerable": true, "criteria": "cpe:2.3:a:oracle:enterprise_data_quality:12.2.1.3.0:*:*:*:*:*:*:*", "matchCriteriaId": "36CF85A9-2C29-46E7-961E-8ADD0B5822CF" }, { "vulnerable": true, "criteria": "cpe:2.3:a:oracle:enterprise_data_quality:12.2.1.4.0:*:*:*:*:*:*:*", "matchCriteriaId": "E80555C7-DA1C-472C-9467-19554DCE4476" }, { "vulnerable": true, "criteria": "cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:*:*:*:*:*:*:*:*", "versionStartIncluding": "8.0.8", "versionEndIncluding": "8.1.1", "matchCriteriaId": "DC1C79CD-1833-451C-821D-369B09D672FB" }, { "vulnerable": true, "criteria": "cpe:2.3:a:oracle:healthcare_data_repository:8.1.0:*:*:*:*:*:*:*", "matchCriteriaId": "66C673C4-A825-46C0-816B-103E1C058D03" }, { "vulnerable": true, "criteria": "cpe:2.3:a:oracle:insurance_policy_administration:*:*:*:*:*:*:*:*", "versionStartIncluding": "11.0", "versionEndIncluding": "11.3.1", "matchCriteriaId": "8E883986-13DA-470F-95C4-BEBD0EDFEB9C" }, { "vulnerable": true, "criteria": "cpe:2.3:a:oracle:insurance_rules_palette:11.0.2:*:*:*:*:*:*:*", "matchCriteriaId": "F3E25293-CB03-44CE-A8ED-04B3A0487A6A" }, { "vulnerable": true, "criteria": "cpe:2.3:a:oracle:insurance_rules_palette:11.1.0:*:*:*:*:*:*:*", "matchCriteriaId": "4F9721E3-EE25-4C8A-9E0A-E60D465E0A97" }, { "vulnerable": true, "criteria": "cpe:2.3:a:oracle:insurance_rules_palette:11.2.7:*:*:*:*:*:*:*", "matchCriteriaId": "212AC8FA-90E8-4FDF-BC57-D17CD8F2E35C" }, { "vulnerable": true, "criteria": "cpe:2.3:a:oracle:insurance_rules_palette:11.3.0:*:*:*:*:*:*:*", "matchCriteriaId": "D7A6C04D-43B3-4B83-A185-7CBD838C97E4" }, { "vulnerable": true, "criteria": "cpe:2.3:a:oracle:insurance_rules_palette:11.3.1:*:*:*:*:*:*:*", "matchCriteriaId": "E2B51896-E4DA-4FDA-979F-481FFB3E588A" }, { "vulnerable": true, "criteria": "cpe:2.3:a:oracle:mysql_enterprise_monitor:*:*:*:*:*:*:*:*", "versionEndIncluding": "8.0.25", "matchCriteriaId": "88627B99-16DC-4878-A63A-A40F6FC1F477" }, { "vulnerable": true, "criteria": "cpe:2.3:a:oracle:retail_assortment_planning:16.0:*:*:*:*:*:*:*", "matchCriteriaId": "1BBFE031-4BD1-4501-AC62-DC0AFC2167B7" }, { "vulnerable": true, "criteria": "cpe:2.3:a:oracle:retail_customer_management_and_segmentation_foundation:*:*:*:*:*:*:*:*", "versionStartIncluding": "16.0", "versionEndIncluding": "19.0", "matchCriteriaId": "B92BB355-DB00-438E-84E5-8EC007009576" }, { "vulnerable": true, "criteria": "cpe:2.3:a:oracle:retail_financial_integration:14.1.3.2:*:*:*:*:*:*:*", "matchCriteriaId": "798E4FEE-9B2B-436E-A2B3-B8AA1079892A" }, { "vulnerable": true, "criteria": "cpe:2.3:a:oracle:retail_financial_integration:15.0.3.1:*:*:*:*:*:*:*", "matchCriteriaId": "CB86F6C3-981E-4ECA-A5EB-9A9CD73D70C9" }, { "vulnerable": true, "criteria": "cpe:2.3:a:oracle:retail_financial_integration:16.0.3:*:*:*:*:*:*:*", "matchCriteriaId": "6B042849-7EF5-4A5F-B6CD-712C0B8735BF" }, { "vulnerable": true, "criteria": "cpe:2.3:a:oracle:retail_integration_bus:14.1.3.2:*:*:*:*:*:*:*", "matchCriteriaId": "8CFCE558-9972-46A2-8539-C16044F1BAA9" }, { "vulnerable": true, "criteria": "cpe:2.3:a:oracle:retail_integration_bus:15.0.3.1:*:*:*:*:*:*:*", "matchCriteriaId": "A1194C4E-CF42-4B4D-BA9A-40FDD28F1D58" }, { "vulnerable": true, "criteria": "cpe:2.3:a:oracle:retail_integration_bus:16.0.3:*:*:*:*:*:*:*", "matchCriteriaId": "822A3C37-86F2-4E91-BE91-2A859F983941" }, { "vulnerable": true, "criteria": "cpe:2.3:a:oracle:retail_merchandising_system:19.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "AE1BC44A-F0AF-41CD-9CEB-B07AB5ADAB38" }, { "vulnerable": true, "criteria": "cpe:2.3:a:oracle:retail_order_broker:16.0:*:*:*:*:*:*:*", "matchCriteriaId": "38E74E68-7F19-4EF3-AC00-3C249EAAA39E" }, { "vulnerable": true, "criteria": "cpe:2.3:a:oracle:retail_predictive_application_server:14.1.3:*:*:*:*:*:*:*", "matchCriteriaId": "6B1A4F12-3E64-41CF-B2B3-B6AB734B69E0" }, { "vulnerable": true, "criteria": "cpe:2.3:a:oracle:retail_predictive_application_server:15.0.3:*:*:*:*:*:*:*", "matchCriteriaId": "24A3C819-5151-4543-A5C6-998C9387C8A2" }, { "vulnerable": true, "criteria": "cpe:2.3:a:oracle:retail_predictive_application_server:16.0.3:*:*:*:*:*:*:*", "matchCriteriaId": "4FB98961-8C99-4490-A6B8-9A5158784F5A" }, { "vulnerable": true, "criteria": "cpe:2.3:a:oracle:utilities_testing_accelerator:6.0.0.1.1:*:*:*:*:*:*:*", "matchCriteriaId": "A3ED272C-A545-4F8C-86C0-2736B3F2DCAF" }, { "vulnerable": true, "criteria": "cpe:2.3:a:oracle:utilities_testing_accelerator:6.0.0.2.2:*:*:*:*:*:*:*", "matchCriteriaId": "C5B4C338-11E1-4235-9D5A-960B2711AC39" }, { "vulnerable": true, "criteria": "cpe:2.3:a:oracle:utilities_testing_accelerator:6.0.0.3.1:*:*:*:*:*:*:*", "matchCriteriaId": "8C93F84E-9680-44EF-8656-D27440B51698" } ] } ] }, { "nodes": [ { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": true, "criteria": "cpe:2.3:a:netapp:hci:-:*:*:*:*:*:*:*", "matchCriteriaId": "8A6E548F-62E9-40CB-85DA-FDAA0F0096C6" }, { "vulnerable": true, "criteria": "cpe:2.3:a:netapp:management_services_for_element_software:-:*:*:*:*:*:*:*", "matchCriteriaId": "86B51137-28D9-41F2-AFA2-3CC22B4954D1" } ] } ] } ], "references": [ { "url": "https://security.netapp.com/advisory/ntap-20210713-0005/", "source": "security@vmware.com", "tags": [ "Third Party Advisory" ] }, { "url": "https://tanzu.vmware.com/security/cve-2021-22118", "source": "security@vmware.com", "tags": [ "Third Party Advisory" ] }, { "url": "https://www.oracle.com//security-alerts/cpujul2021.html", "source": "security@vmware.com", "tags": [ "Patch", "Third Party Advisory" ] }, { "url": "https://www.oracle.com/security-alerts/cpuapr2022.html", "source": "security@vmware.com", "tags": [ "Patch", "Third Party Advisory" ] }, { "url": "https://www.oracle.com/security-alerts/cpujan2022.html", "source": "security@vmware.com", "tags": [ "Patch", "Third Party Advisory" ] }, { "url": "https://www.oracle.com/security-alerts/cpujul2022.html", "source": "security@vmware.com", "tags": [ "Patch", "Third Party Advisory" ] }, { "url": "https://www.oracle.com/security-alerts/cpuoct2021.html", "source": "security@vmware.com", "tags": [ "Patch", "Third Party Advisory" ] } ] }