CVE-2018-11798
thrift: Improper Access Control grants access to files outside the webservers docroot path
Severity Score
6.5
*CVSS v3
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
1
*Multiple Sources
Exploited in Wild
-
*KEV
Decision
-
*SSVC
Descriptions
The Apache Thrift Node.js static web server in versions 0.9.2 through 0.11.0 have been determined to contain a security vulnerability in which a remote user has the ability to access files outside the set webservers docroot path.
El servidor web estático Node.js de Apache Thrift, desde su versión 0.9.2 hasta la 0.11.0, contiene una vulnerabilidad de seguridad en la que un usuario remoto tiene la capacidad de acceder a archivos fuera de la ruta webservers docroot predeterminada.
A flaw was found in the Node.js static web server in Apache Thrift, where it allowed a remote user to access files outside of the set web servers' docroot path. An attacker could use this flaw to possibly access unauthorized files and sensitive information.
*Credits:
N/A
CVSS Scores
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability
Attack Vector
Attack Complexity
Authentication
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:-
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2018-06-05 CVE Reserved
- 2018-10-05 First Exploit
- 2019-01-07 CVE Published
- 2024-01-01 EPSS Updated
- 2024-08-05 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
CWE
- CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
- CWE-538: Insertion of Sensitive Information into Externally-Accessible File or Directory
CAPEC
References (8)
| URL | Tag | Source |
|---|---|---|
| http://www.securityfocus.com/bid/106501 | Third Party Advisory | |
| https://lists.apache.org/thread.html/6e9edd282684896cedf615fb67a02bebfe6007f2d5baf03ba52e34fd%40%3Cuser.thrift.apache.org%3E | X_refsource_misc | |
| https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html | X_refsource_misc |
|
| URL | Date | SRC |
|---|---|---|
| https://github.com/ossf-cve-benchmark/CVE-2018-11798 | 2018-10-05 |
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|---|---|
| https://access.redhat.com/errata/RHSA-2019:1545 | 2023-11-07 | |
| https://access.redhat.com/errata/RHSA-2019:3140 | 2023-11-07 | |
| https://access.redhat.com/security/cve/CVE-2018-11798 | 2019-10-17 | |
| https://bugzilla.redhat.com/show_bug.cgi?id=1667188 | 2019-10-17 |
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Apache Search vendor "Apache" | Thrift Search vendor "Apache" for product "Thrift" | >= 0.9.2 <= 0.11.0 Search vendor "Apache" for product "Thrift" and version " >= 0.9.2 <= 0.11.0" | node.js |
Affected
| ||||||