CVE-2018-14335
published 2018-07-24CVE-2018-14335: An issue was discovered in H2 1.4.197. Insecure handling of permissions in the backup function allows attackers to read sensitive files (outside of their…
PriorityP349medium6.5CVSS 3.1
AVNACLPRLUINSUCHINAN
EXPLOIT
EPSS
13.39%
95.9th percentile
An issue was discovered in H2 1.4.197. Insecure handling of permissions in the backup function allows attackers to read sensitive files (outside of their permissions) via a symlink to a fake database file.
Affected
1 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| h2database | h2 | — | — |
CVSS provenance
nvdv3.16.5MEDIUMCVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
nvdv3.06.5MEDIUMCVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
nvdv2.04.0MEDIUMAV:N/AC:L/Au:S/C:P/I:N/A:N
osv6.5MEDIUM
vendor_redhat6.5MEDIUM
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
GHSA
GHSA-wm64-883p-84j3: An issue was discovered in H2 1
ghsa_unreviewed·2022-05-13
CVE-2018-14335 [MEDIUM] CWE-276 GHSA-wm64-883p-84j3: An issue was discovered in H2 1
An issue was discovered in H2 1.4.197. Insecure handling of permissions in the backup function allows attackers to read sensitive files (outside of their permissions) via a symlink to a fake database file.
OSV
CVE-2018-14335: An issue was discovered in H2 1
osv·2018-07-24·CVSS 6.5
CVE-2018-14335 [MEDIUM] CVE-2018-14335: An issue was discovered in H2 1
An issue was discovered in H2 1.4.197. Insecure handling of permissions in the backup function allows attackers to read sensitive files (outside of their permissions) via a symlink to a fake database file.
Red Hat
h2: Information Exposure due to insecure handling of permissions in the backup
vendor_redhat·2018-07-23·CVSS 6.5
CVE-2018-14335 [MEDIUM] CWE-200 h2: Information Exposure due to insecure handling of permissions in the backup
h2: Information Exposure due to insecure handling of permissions in the backup
An issue was discovered in H2 1.4.197. Insecure handling of permissions in the backup function allows attackers to read sensitive files (outside of their permissions) via a symlink to a fake database file.
Package: h2 (Red Hat Fuse 7) - Not affected
Package: h2 (Red Hat JBoss BRMS 5) - Out of support scope
Package: h2 (Red Hat JBoss BRMS 6) - Out of support scope
Package: h2 (Red Hat JBoss Data Virtualization 6) - Out of support scope
Package: h2 (Red Hat JBoss Enterprise Application Platform 6) - Will not fix
Package: h2 (Red Hat JBoss Enterprise Application Platform 7) - Will not fix
Package: h2 (Red Hat JBoss Fuse 6) - Out of support scope
Package: h2 (Red Hat JBoss Fuse Service Works 6) - Out of sup
No detection rules found.
Bugzilla
CVE-2018-14335 h2: Information Exposure due to insecure handling of permissions in the backup
bugzilla·2018-08-01·CVSS 6.5
CVE-2018-14335 [MEDIUM] CVE-2018-14335 h2: Information Exposure due to insecure handling of permissions in the backup
CVE-2018-14335 h2: Information Exposure due to insecure handling of permissions in the backup
An issue was discovered in H2 1.4.197. Insecure handling of permissions in the backup function allows attackers to read sensitive files (outside of their permissions) via a symlink to a fake database file.
References:
https://gist.github.com/owodelta/9714faf9a86435cef5a99d4930eaee20
Discussion:
Created h2 tracking bugs for this issue:
Affects: fedora-all [bug 1610878]
---
This vulnerability is out of security support scope for the following products:
* Red Hat JBoss Fuse 6
* Red Hat JBoss Fuse Service Works 6
* Red Hat JBoss Operations Network 3
* Red Hat JBoss SOA Platform 5
* Red Hat JBoss BRMS 5
* Red Hat JBoss Data Virtualization & Services 6
* Red Hat JBoss BRMS 6
Please refer to htt
Bugzilla
CVE-2018-14335 h2: Information Exposure due to insecure handling of permissions in the backup [fedora-all]
bugzilla·2018-08-01·CVSS 6.5
CVE-2018-14335 [MEDIUM] CVE-2018-14335 h2: Information Exposure due to insecure handling of permissions in the backup [fedora-all]
CVE-2018-14335 h2: Information Exposure due to insecure handling of permissions in the backup [fedora-all]
This is an automatically created tracking bug! It was created to ensure
that one or more security vulnerabilities are fixed in affected versions
of fedora-all.
For comments that are specific to the vulnerability please use bugs filed
against the "Security Response" product referenced in the "Blocks" field.
For more information see:
http://fedoraproject.org/wiki/Security/TrackingBugs
When submitting as an update, use the fedpkg template provided in the next
comment(s). This will include the bug IDs of this tracking bug as well as
the relevant top-level CVE bugs.
Please also mention the CVE IDs being fixed in the RPM changelog and the
fedpkg commit message.
NOTE: this issue affect
https://access.redhat.com/errata/RHSA-2020:0727https://gist.github.com/owodelta/9714faf9a86435cef5a99d4930eaee20https://lists.apache.org/thread.html/582d4165de6507b0be82d5a6f9a1ce392ec43a00c9fed32bacf7fe1e%40%3Cuser.ignite.apache.org%3Ehttps://security.netapp.com/advisory/ntap-20240726-0003/https://www.exploit-db.com/exploits/45105/https://access.redhat.com/errata/RHSA-2020:0727https://gist.github.com/owodelta/9714faf9a86435cef5a99d4930eaee20https://lists.apache.org/thread.html/582d4165de6507b0be82d5a6f9a1ce392ec43a00c9fed32bacf7fe1e%40%3Cuser.ignite.apache.org%3Ehttps://security.netapp.com/advisory/ntap-20240726-0003/https://www.exploit-db.com/exploits/45105/
2018-07-24
Published