CVE-2022-29253 - OpenCVE

XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. Starting with version 8.3-rc-1 and prior to versions 12.10.3 and 14.0, one can ask for any file located in the classloader using the template API and a path with ".." in it. The issue is patched in versions 14.0 and 13.10.3. There is no easy workaround for this issue.

No CVSS v4.0

Attack Vector Network

Attack Complexity Low

Privileges Required High

Scope Unchanged

Confidentiality Impact Low

Integrity Impact None

Availability Impact None

User Interaction None

No CVSS v3.0

Access Vector Network

Access Complexity Low

Authentication Single

Confidentiality Impact Partial

Integrity Impact None

Availability Impact None

AV:N/AC:L/Au:S/C:P/I:N/A:N

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Xwiki	Xwiki

Configuration 1 [-]

OR	cpe:2.3:a:xwiki:xwiki::::::::
	cpe:2.3:a:xwiki:xwiki:8.3:rc1::::::

No data.

References

Link	Providers
https://github.com/xwiki/xwiki-platform/commit/4917c8f355717bb636d763844528b1fe0f95e8e2
https://github.com/xwiki/xwiki-platform/security/advisories/GHSA-9qrp-h7fw-42hg
https://jira.xwiki.org/browse/XWIKI-19349

History

No history.

MITRE

Status: PUBLISHED

Assigner: GitHub_M

Published: 2022-05-25T20:55:10

Updated: 2024-08-03T06:17:54.535Z

Reserved: 2022-04-13T00:00:00

Link: CVE-2022-29253

Vulnrichment

No data.

NVD

Status : Analyzed

Published: 2022-05-25T21:15:08.470

Modified: 2022-06-07T19:48:48.287

Link: CVE-2022-29253

Redhat

No data.

{"containers": {"cna": {"affected": [{"product": "xwiki-platform", "vendor": "xwiki", "versions": [{"status": "affected", "version": ">= 8.3-rc-1, < 13.10.3"}]}], "descriptions": [{"lang": "en", "value": "XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. Starting with version 8.3-rc-1 and prior to versions 12.10.3 and 14.0, one can ask for any file located in the classloader using the template API and a path with \"..\" in it. The issue is patched in versions 14.0 and 13.10.3. There is no easy workaround for this issue."}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 2.7, "baseSeverity": "LOW", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N", "version": "3.1"}}], "problemTypes": [{"descriptions": [{"cweId": "CWE-24", "description": "CWE-24: Path Traversal: '../filedir'", "lang": "en", "type": "CWE"}]}, {"descriptions": [{"cweId": "CWE-22", "description": "CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"dateUpdated": "2022-05-25T20:55:10", "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M"}, "references": [{"tags": ["x_refsource_CONFIRM"], "url": "https://github.com/xwiki/xwiki-platform/security/advisories/GHSA-9qrp-h7fw-42hg"}, {"tags": ["x_refsource_MISC"], "url": "https://github.com/xwiki/xwiki-platform/commit/4917c8f355717bb636d763844528b1fe0f95e8e2"}, {"tags": ["x_refsource_MISC"], "url": "https://jira.xwiki.org/browse/XWIKI-19349"}], "source": {"advisory": "GHSA-9qrp-h7fw-42hg", "discovery": "UNKNOWN"}, "title": "Path Traversal in XWiki Platform", "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "security-advisories@github.com", "ID": "CVE-2022-29253", "STATE": "PUBLIC", "TITLE": "Path Traversal in XWiki Platform"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "xwiki-platform", "version": {"version_data": [{"version_value": ">= 8.3-rc-1, < 13.10.3"}]}}]}, "vendor_name": "xwiki"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. Starting with version 8.3-rc-1 and prior to versions 12.10.3 and 14.0, one can ask for any file located in the classloader using the template API and a path with \"..\" in it. The issue is patched in versions 14.0 and 13.10.3. There is no easy workaround for this issue."}]}, "impact": {"cvss": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 2.7, "baseSeverity": "LOW", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N", "version": "3.1"}}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "CWE-24: Path Traversal: '../filedir'"}]}, {"description": [{"lang": "eng", "value": "CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')"}]}]}, "references": {"reference_data": [{"name": "https://github.com/xwiki/xwiki-platform/security/advisories/GHSA-9qrp-h7fw-42hg", "refsource": "CONFIRM", "url": "https://github.com/xwiki/xwiki-platform/security/advisories/GHSA-9qrp-h7fw-42hg"}, {"name": "https://github.com/xwiki/xwiki-platform/commit/4917c8f355717bb636d763844528b1fe0f95e8e2", "refsource": "MISC", "url": "https://github.com/xwiki/xwiki-platform/commit/4917c8f355717bb636d763844528b1fe0f95e8e2"}, {"name": "https://jira.xwiki.org/browse/XWIKI-19349", "refsource": "MISC", "url": "https://jira.xwiki.org/browse/XWIKI-19349"}]}, "source": {"advisory": "GHSA-9qrp-h7fw-42hg", "discovery": "UNKNOWN"}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-03T06:17:54.535Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://github.com/xwiki/xwiki-platform/security/advisories/GHSA-9qrp-h7fw-42hg"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://github.com/xwiki/xwiki-platform/commit/4917c8f355717bb636d763844528b1fe0f95e8e2"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://jira.xwiki.org/browse/XWIKI-19349"}]}]}, "cveMetadata": {"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "assignerShortName": "GitHub_M", "cveId": "CVE-2022-29253", "datePublished": "2022-05-25T20:55:10", "dateReserved": "2022-04-13T00:00:00", "dateUpdated": "2024-08-03T06:17:54.535Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:xwiki:xwiki:*:*:*:*:*:*:*:*", "matchCriteriaId": "0171AD53-37B6-4C36-8F83-4BDE9C69A85D", "versionEndExcluding": "13.10.3", "versionStartIncluding": "8.4", "vulnerable": true}, {"criteria": "cpe:2.3:a:xwiki:xwiki:8.3:rc1:*:*:*:*:*:*", "matchCriteriaId": "49DDDADA-8295-4CF6-946D-3C1592095B6C", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. Starting with version 8.3-rc-1 and prior to versions 12.10.3 and 14.0, one can ask for any file located in the classloader using the template API and a path with \"..\" in it. The issue is patched in versions 14.0 and 13.10.3. There is no easy workaround for this issue."}, {"lang": "es", "value": "La plataforma XWiki es una plataforma wiki gen\u00e9rica que ofrece servicios de tiempo de ejecuci\u00f3n para las aplicaciones construidas sobre ella. A partir de la versi\u00f3n 8.3-rc-1 y en versiones anteriores a 12.10.3 y 14.0, puede solicitarse cualquier archivo ubicado en el cargador de clases usando la API de plantillas y una ruta con \"..\" en ella. El problema est\u00e1 parcheado en las versiones 14.0 y 13.10.3. No se presenta una mitigaci\u00f3n f\u00e1cil para este problema"}], "id": "CVE-2022-29253", "lastModified": "2022-06-07T19:48:48.287", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "SINGLE", "availabilityImpact": "NONE", "baseScore": 4.0, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:S/C:P/I:N/A:N", "version": "2.0"}, "exploitabilityScore": 8.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 2.7, "baseSeverity": "LOW", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N", "version": "3.1"}, "exploitabilityScore": 1.2, "impactScore": 1.4, "source": "nvd@nist.gov", "type": "Primary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 2.7, "baseSeverity": "LOW", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N", "version": "3.1"}, "exploitabilityScore": 1.2, "impactScore": 1.4, "source": "security-advisories@github.com", "type": "Secondary"}]}, "published": "2022-05-25T21:15:08.470", "references": [{"source": "security-advisories@github.com", "tags": ["Patch", "Third Party Advisory"], "url": "https://github.com/xwiki/xwiki-platform/commit/4917c8f355717bb636d763844528b1fe0f95e8e2"}, {"source": "security-advisories@github.com", "tags": ["Third Party Advisory"], "url": "https://github.com/xwiki/xwiki-platform/security/advisories/GHSA-9qrp-h7fw-42hg"}, {"source": "security-advisories@github.com", "tags": ["Vendor Advisory"], "url": "https://jira.xwiki.org/browse/XWIKI-19349"}], "sourceIdentifier": "security-advisories@github.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-22"}], "source": "nvd@nist.gov", "type": "Primary"}, {"description": [{"lang": "en", "value": "CWE-22"}, {"lang": "en", "value": "CWE-24"}], "source": "security-advisories@github.com", "type": "Secondary"}]}