OpenCVE

GIT version 2.15.1 and earlier contains a Input Validation Error vulnerability in Client that can result in problems including messing up terminal configuration to RCE. This attack appear to be exploitable via The user must interact with a malicious git server, (or have their traffic modified in a MITM attack).

No CVSS v4.0

Attack Vector Network

Attack Complexity High

Privileges Required None

Scope Unchanged

Confidentiality Impact Low

Integrity Impact Low

Availability Impact Low

User Interaction Required

Attack Vector Network

Attack Complexity High

Privileges Required None

Scope Unchanged

Confidentiality Impact Low

Integrity Impact Low

Availability Impact Low

User Interaction Required

Access Vector Network

Access Complexity Medium

Authentication None

Confidentiality Impact Partial

Integrity Impact Partial

Availability Impact Partial

AV:N/AC:M/Au:N/C:P/I:P/A:P

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Git-scm	Git

Configuration 1 [-]

cpe:2.3:a:git-scm:git:*:*:*:*:*:*:*:*

No data.

References

Link	Providers
http://www.batterystapl.es/2018/01/security-implications-of-ansi-escape.html
https://nvd.nist.gov/vuln/detail/CVE-2018-1000021
https://www.cve.org/CVERecord?id=CVE-2018-1000021

History

Thu, 24 Oct 2024 18:15:00 +0000

Type	Values Removed	Values Added
Metrics	cvssV3_0 `{'score': 8.8, 'vector': 'CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H'}`	cvssV3_1 `{'score': 5.0, 'vector': 'CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L'}` cvssV3_0 `{'score': 5.0, 'vector': 'CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L'}`

MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2018-02-09T23:00:00

Updated: 2024-08-05T12:33:48.619Z

Reserved: 2018-01-29T00:00:00

Link: CVE-2018-1000021

Vulnrichment

No data.

NVD

Status : Analyzed

Published: 2018-02-09T23:29:00.557

Modified: 2024-10-24T17:58:28.347

Link: CVE-2018-1000021

Redhat

Severity : Moderate

Publid Date: 2018-01-06T00:00:00Z

Links: CVE-2018-1000021 - Bugzilla

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "dateAssigned": "2018-01-06T00:00:00", "datePublic": "2018-01-06T00:00:00", "descriptions": [{"lang": "en", "value": "GIT version 2.15.1 and earlier contains a Input Validation Error vulnerability in Client that can result in problems including messing up terminal configuration to RCE. This attack appear to be exploitable via The user must interact with a malicious git server, (or have their traffic modified in a MITM attack)."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2018-02-09T22:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"tags": ["x_refsource_MISC"], "url": "http://www.batterystapl.es/2018/01/security-implications-of-ansi-escape.html"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "DATE_ASSIGNED": "1/6/2018 4:59:26", "ID": "CVE-2018-1000021", "REQUESTER": "riley@mailo.com", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "GIT version 2.15.1 and earlier contains a Input Validation Error vulnerability in Client that can result in problems including messing up terminal configuration to RCE. This attack appear to be exploitable via The user must interact with a malicious git server, (or have their traffic modified in a MITM attack)."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "http://www.batterystapl.es/2018/01/security-implications-of-ansi-escape.html", "refsource": "MISC", "url": "http://www.batterystapl.es/2018/01/security-implications-of-ansi-escape.html"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-05T12:33:48.619Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_MISC", "x_transferred"], "url": "http://www.batterystapl.es/2018/01/security-implications-of-ansi-escape.html"}]}]}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2018-1000021", "datePublished": "2018-02-09T23:00:00", "dateReserved": "2018-01-29T00:00:00", "dateUpdated": "2024-08-05T12:33:48.619Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:git-scm:git:*:*:*:*:*:*:*:*", "matchCriteriaId": "558FC963-17F8-4158-8B3B-1F975D6E3902", "versionEndIncluding": "2.15.1", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "GIT version 2.15.1 and earlier contains a Input Validation Error vulnerability in Client that can result in problems including messing up terminal configuration to RCE. This attack appear to be exploitable via The user must interact with a malicious git server, (or have their traffic modified in a MITM attack)."}, {"lang": "es", "value": "GIT, en versiones 2.15.1 y anteriores, contiene una vulnerabilidad de error de validaci\u00f3n de entradas en Client que puede resultar en problemas que incluyen errores de configuraci\u00f3n de terminal en RCE. Parece ser que este ataque puede ser explotado mediante un usuario que interact\u00fae con un servidor git malicioso (o que haga que el tr\u00e1fico se modifique en un ataque MITM)."}], "id": "CVE-2018-1000021", "lastModified": "2024-10-24T17:58:28.347", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 8.6, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 5.0, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L", "version": "3.1"}, "exploitabilityScore": 1.6, "impactScore": 3.4, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2018-02-09T23:29:00.557", "references": [{"source": "cve@mitre.org", "tags": ["Third Party Advisory"], "url": "http://www.batterystapl.es/2018/01/security-implications-of-ansi-escape.html"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-20"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{"bugzilla": {"description": "git: client prints server-sent ANSI escape codes to the terminal, allowing for unverified messages to potentially execute arbitrary commands", "id": "1541854", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1541854"}, "csaw": false, "cvss3": {"cvss3_base_score": "5.0", "cvss3_scoring_vector": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L", "status": "draft"}, "cwe": "CWE-78", "details": ["GIT version 2.15.1 and earlier contains a Input Validation Error vulnerability in Client that can result in problems including messing up terminal configuration to RCE. This attack appear to be exploitable via The user must interact with a malicious git server, (or have their traffic modified in a MITM attack).", "It was found that the Git client printed server-sent ANSI escape codes to the terminal without any sanitization, leading to execution of arbitrary escape sequences in the terminal emulator. Exploitation of this flaw by a MitM attacker could potentially result in code execution, arbitrary file writes, or other attacks under highly specific circumstances dependent on the usage of a vulnerable terminal emulator by the user."], "name": "CVE-2018-1000021", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Will not fix", "package_name": "git", "product_name": "Red Hat Enterprise Linux 6"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Will not fix", "package_name": "git", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Will not fix", "package_name": "git", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/a:redhat:rhel_software_collections:3", "fix_state": "Will not fix", "package_name": "rh-git29-git", "product_name": "Red Hat Software Collections"}], "public_date": "2018-01-06T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2018-1000021\nhttps://nvd.nist.gov/vuln/detail/CVE-2018-1000021\nhttp://www.batterystapl.es/2018/01/security-implications-of-ansi-escape.html"], "statement": "The vulnerability is considered moderate rather than important due to the specific and limited conditions required for exploitation. For an attack to succeed, a MitM attacker would need to intercept Git traffic and inject specially crafted ANSI escape sequences. The severity is mitigated by the fact that not all terminal emulators interpret escape sequences in a way that could result in code execution or harmful actions. Modern terminal emulators, especially those used in Red Hat Enterprise Linux, typically sanitize escape sequences or do not support dangerous behaviors like file manipulation or code execution triggered via ANSI sequences. As a result, the potential impact is constrained to terminal emulators with flawed handling of escape codes, reducing the overall risk.", "threat_severity": "Moderate"}