CVE-2021-43775 - OpenCVE

Aim is an open-source, self-hosted machine learning experiment tracking tool. Versions of Aim prior to 3.1.0 are vulnerable to a path traversal attack. By manipulating variables that reference files with “dot-dot-slash (../)” sequences and its variations or by using absolute file paths, it may be possible to access arbitrary files and directories stored on file system including application source code or configuration and critical system files. The vulnerability issue is resolved in Aim v3.1.0.

No CVSS v4.0

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Changed

Confidentiality Impact High

Integrity Impact None

Availability Impact None

User Interaction None

No CVSS v3.0

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact Partial

Integrity Impact None

Availability Impact None

AV:N/AC:L/Au:N/C:P/I:N/A:N

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Aimstack	Aim

Configuration 1 [-]

cpe:2.3:a:aimstack:aim:*:*:*:*:*:python:*:*

No data.

References

Link	Providers
https://github.com/aimhubio/aim/blob/0b99c6ca08e0ba7e7011453a2f68033e9b1d1bce/aim/web/api/views.py#L9-L16
https://github.com/aimhubio/aim/issues/999
https://github.com/aimhubio/aim/pull/1003
https://github.com/aimhubio/aim/pull/1003/commits/f01266a1a479ef11d7d6c539e7dd89e9d5639738
https://github.com/aimhubio/aim/security/advisories/GHSA-8phj-f9w2-cjcc

History

No history.

MITRE

Status: PUBLISHED

Assigner: GitHub_M

Published: 2021-11-23T19:15:13

Updated: 2024-08-04T04:03:08.638Z

Reserved: 2021-11-16T00:00:00

Link: CVE-2021-43775

Vulnrichment

No data.

NVD

Status : Modified

Published: 2021-11-23T21:15:20.347

Modified: 2023-11-07T03:39:25.723

Link: CVE-2021-43775

Redhat

No data.

{"containers": {"cna": {"affected": [{"product": "aim", "vendor": "aimhubio", "versions": [{"status": "affected", "version": "< 3.1.0"}]}], "descriptions": [{"lang": "en", "value": "Aim is an open-source, self-hosted machine learning experiment tracking tool. Versions of Aim prior to 3.1.0 are vulnerable to a path traversal attack. By manipulating variables that reference files with \u201cdot-dot-slash (../)\u201d sequences and its variations or by using absolute file paths, it may be possible to access arbitrary files and directories stored on file system including application source code or configuration and critical system files. The vulnerability issue is resolved in Aim v3.1.0."}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 8.6, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N", "version": "3.1"}}], "problemTypes": [{"descriptions": [{"cweId": "CWE-22", "description": "CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"dateUpdated": "2021-11-23T19:15:12", "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M"}, "references": [{"tags": ["x_refsource_CONFIRM"], "url": "https://github.com/aimhubio/aim/security/advisories/GHSA-8phj-f9w2-cjcc"}, {"tags": ["x_refsource_MISC"], "url": "https://github.com/aimhubio/aim/issues/999"}, {"tags": ["x_refsource_MISC"], "url": "https://github.com/aimhubio/aim/pull/1003"}, {"tags": ["x_refsource_MISC"], "url": "https://github.com/aimhubio/aim/pull/1003/commits/f01266a1a479ef11d7d6c539e7dd89e9d5639738"}, {"tags": ["x_refsource_MISC"], "url": "https://github.com/aimhubio/aim/blob/0b99c6ca08e0ba7e7011453a2f68033e9b1d1bce/aim/web/api/views.py#L9-L16"}], "source": {"advisory": "GHSA-8phj-f9w2-cjcc", "discovery": "UNKNOWN"}, "title": "Arbitrary file reading vulnerability in Aim", "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "security-advisories@github.com", "ID": "CVE-2021-43775", "STATE": "PUBLIC", "TITLE": "Arbitrary file reading vulnerability in Aim"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "aim", "version": {"version_data": [{"version_value": "< 3.1.0"}]}}]}, "vendor_name": "aimhubio"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Aim is an open-source, self-hosted machine learning experiment tracking tool. Versions of Aim prior to 3.1.0 are vulnerable to a path traversal attack. By manipulating variables that reference files with \u201cdot-dot-slash (../)\u201d sequences and its variations or by using absolute file paths, it may be possible to access arbitrary files and directories stored on file system including application source code or configuration and critical system files. The vulnerability issue is resolved in Aim v3.1.0."}]}, "impact": {"cvss": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 8.6, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N", "version": "3.1"}}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')"}]}]}, "references": {"reference_data": [{"name": "https://github.com/aimhubio/aim/security/advisories/GHSA-8phj-f9w2-cjcc", "refsource": "CONFIRM", "url": "https://github.com/aimhubio/aim/security/advisories/GHSA-8phj-f9w2-cjcc"}, {"name": "https://github.com/aimhubio/aim/issues/999", "refsource": "MISC", "url": "https://github.com/aimhubio/aim/issues/999"}, {"name": "https://github.com/aimhubio/aim/pull/1003", "refsource": "MISC", "url": "https://github.com/aimhubio/aim/pull/1003"}, {"name": "https://github.com/aimhubio/aim/pull/1003/commits/f01266a1a479ef11d7d6c539e7dd89e9d5639738", "refsource": "MISC", "url": "https://github.com/aimhubio/aim/pull/1003/commits/f01266a1a479ef11d7d6c539e7dd89e9d5639738"}, {"name": "https://github.com/aimhubio/aim/blob/0b99c6ca08e0ba7e7011453a2f68033e9b1d1bce/aim/web/api/views.py#L9-L16", "refsource": "MISC", "url": "https://github.com/aimhubio/aim/blob/0b99c6ca08e0ba7e7011453a2f68033e9b1d1bce/aim/web/api/views.py#L9-L16"}]}, "source": {"advisory": "GHSA-8phj-f9w2-cjcc", "discovery": "UNKNOWN"}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-04T04:03:08.638Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://github.com/aimhubio/aim/security/advisories/GHSA-8phj-f9w2-cjcc"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://github.com/aimhubio/aim/issues/999"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://github.com/aimhubio/aim/pull/1003"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://github.com/aimhubio/aim/pull/1003/commits/f01266a1a479ef11d7d6c539e7dd89e9d5639738"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://github.com/aimhubio/aim/blob/0b99c6ca08e0ba7e7011453a2f68033e9b1d1bce/aim/web/api/views.py#L9-L16"}]}]}, "cveMetadata": {"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "assignerShortName": "GitHub_M", "cveId": "CVE-2021-43775", "datePublished": "2021-11-23T19:15:13", "dateReserved": "2021-11-16T00:00:00", "dateUpdated": "2024-08-04T04:03:08.638Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:aimstack:aim:*:*:*:*:*:python:*:*", "matchCriteriaId": "AE237926-EEBB-4E1F-9F74-FB5845332FC8", "versionEndExcluding": "3.1.0", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Aim is an open-source, self-hosted machine learning experiment tracking tool. Versions of Aim prior to 3.1.0 are vulnerable to a path traversal attack. By manipulating variables that reference files with \u201cdot-dot-slash (../)\u201d sequences and its variations or by using absolute file paths, it may be possible to access arbitrary files and directories stored on file system including application source code or configuration and critical system files. The vulnerability issue is resolved in Aim v3.1.0."}, {"lang": "es", "value": "Aim es una herramienta de seguimiento de experimentos de aprendizaje autom\u00e1tico de c\u00f3digo abierto. Las versiones de Aim anteriores a la 3.1.0 son vulnerables a un ataque de salto de ruta. Mediante la manipulaci\u00f3n de variables que hacen referencia a archivos con secuencias \u201cdot-dot-slash (../)\u201d y sus variaciones o mediante el uso de rutas de archivo absolutas, puede ser posible acceder a archivos y directorios arbitrarios almacenados en el sistema de archivos, incluyendo el c\u00f3digo fuente de la aplicaci\u00f3n o la configuraci\u00f3n y los archivos cr\u00edticos del sistema. El problema de la vulnerabilidad ha sido resuelto en Aim versi\u00f3n v3.1.0"}], "id": "CVE-2021-43775", "lastModified": "2023-11-07T03:39:25.723", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 5.0, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 8.6, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 4.0, "source": "nvd@nist.gov", "type": "Primary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 8.6, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 4.0, "source": "security-advisories@github.com", "type": "Secondary"}]}, "published": "2021-11-23T21:15:20.347", "references": [{"source": "security-advisories@github.com", "tags": ["Product"], "url": "https://github.com/aimhubio/aim/blob/0b99c6ca08e0ba7e7011453a2f68033e9b1d1bce/aim/web/api/views.py#L9-L16"}, {"source": "security-advisories@github.com", "tags": ["Issue Tracking", "Third Party Advisory"], "url": "https://github.com/aimhubio/aim/issues/999"}, {"source": "security-advisories@github.com", "tags": ["Patch", "Third Party Advisory"], "url": "https://github.com/aimhubio/aim/pull/1003"}, {"source": "security-advisories@github.com", "tags": ["Patch"], "url": "https://github.com/aimhubio/aim/pull/1003/commits/f01266a1a479ef11d7d6c539e7dd89e9d5639738"}, {"source": "security-advisories@github.com", "tags": ["Exploit", "Third Party Advisory"], "url": "https://github.com/aimhubio/aim/security/advisories/GHSA-8phj-f9w2-cjcc"}], "sourceIdentifier": "security-advisories@github.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-22"}], "source": "security-advisories@github.com", "type": "Primary"}, {"description": [{"lang": "en", "value": "CWE-22"}], "source": "nvd@nist.gov", "type": "Secondary"}]}