Public exploit available
Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).
Severity: 6.5 MEDIUM (NVD)
EPSS: 8.5% (top 7.64%)
CISA KEV: Not in KEV
Exploit: PoC available (public exploit / PoC exists)
Timeline
Published: Jul 24
Latest update: May 13

Description

An issue was discovered in H2 1.4.197. Insecure handling of permissions in the backup function allows attackers to read sensitive files (outside of their permissions) via a symlink to a fake database file.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
Exploitability: 2.8 | Impact: 3.6

Affected Packages (1 package)

NVD: h2database/h2 1.4.197

🔴 Vulnerability Details (2)

GHSA
GHSA-wm64-883p-84j3: An issue was discovered in H2 1 (2022-05-13)
OSV
CVE-2018-14335: An issue was discovered in H2 1 (2018-07-24)

💥 Exploits & PoCs (1)

Exploit-DB
H2 Database 1.4.197 - Information Disclosure (2018-07-30)

📋 Vendor Advisories (1)

Red Hat
h2: Information Exposure due to insecure handling of permissions in the backup (2018-07-23)

💬 Community (2)

Bugzilla
CVE-2018-14335 h2: Information Exposure due to insecure handling of permissions in the backup (2018-08-01)
Bugzilla
CVE-2018-14335 h2: Information Exposure due to insecure handling of permissions in the backup [fedora-all] (2018-08-01)
CVE-2018-14335 — Link Following in H2database H2 | cvebase