{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2023-35887", "assignerOrgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09", "state": "PUBLISHED", "assignerShortName": "apache", "dateReserved": "2023-06-19T15:49:53.163Z", "datePublished": "2023-07-10T09:28:54.987Z", "dateUpdated": "2024-08-02T16:37:39.870Z"}, "containers": {"cna": {"affected": [{"defaultStatus": "unaffected", "product": "Apache MINA SSHD", "vendor": "Apache Software Foundation", "versions": [{"lessThan": "2.10", "status": "affected", "version": "1.0", "versionType": "semver"}]}], "credits": [{"lang": "en", "type": "finder", "value": "Andrew Pikler"}], "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Apache Software Foundation Apache MINA.<br><br>In SFTP servers implemented using Apache MINA SSHD that use a RootedFileSystem, logged users may be able to discover \"exists/does not exist\" information about items outside the rooted tree via paths including parent navigation (\"..\") beyond the root, or involving symlinks.<br><br>This issue affects Apache MINA: from 1.0 before 2.10. Users are recommended to upgrade to 2.10<br>"}], "value": "Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Apache Software Foundation Apache MINA.\n\nIn SFTP servers implemented using Apache MINA SSHD that use a RootedFileSystem, logged users may be able to discover \"exists/does not exist\" information about items outside the rooted tree via paths including parent navigation (\"..\") beyond the root, or involving symlinks.\n\nThis issue affects Apache MINA: from 1.0 before 2.10. Users are recommended to upgrade to 2.10\n"}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N", "version": "3.1"}, "format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "problemTypes": [{"descriptions": [{"cweId": "CWE-22", "description": "CWE-22 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"orgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09", "shortName": "apache", "dateUpdated": "2023-07-19T07:18:06.740Z"}, "references": [{"tags": ["vendor-advisory"], "url": "https://lists.apache.org/thread/b9qgtqvhnvgfpn0w1gz918p21p53tqk2"}], "source": {"defect": ["SSHD-1324"], "discovery": "EXTERNAL"}, "title": "Apache MINA SSHD: Information disclosure bugs with RootedFilesystem", "x_generator": {"engine": "Vulnogram 0.1.0-dev"}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T16:37:39.870Z"}, "title": "CVE Program Container", "references": [{"tags": ["vendor-advisory", "x_transferred"], "url": "https://lists.apache.org/thread/b9qgtqvhnvgfpn0w1gz918p21p53tqk2"}]}]}}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:apache:sshd:*:*:*:*:*:*:*:*", "matchCriteriaId": "6975BA01-F3B2-4A87-8BC6-74109C5BA3B0", "versionEndExcluding": "2.9.3", "versionStartIncluding": "1.0.0", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Apache Software Foundation Apache MINA.\n\nIn SFTP servers implemented using Apache MINA SSHD that use a RootedFileSystem, logged users may be able to discover \"exists/does not exist\" information about items outside the rooted tree via paths including parent navigation (\"..\") beyond the root, or involving symlinks.\n\nThis issue affects Apache MINA: from 1.0 before 2.10. Users are recommended to upgrade to 2.10\n"}], "id": "CVE-2023-35887", "lastModified": "2023-11-21T14:38:55.627", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 4.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 1.4, "source": "nvd@nist.gov", "type": "Primary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.0, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N", "version": "3.1"}, "exploitabilityScore": 3.1, "impactScore": 1.4, "source": "security@apache.org", "type": "Secondary"}]}, "published": "2023-07-10T16:15:53.050", "references": [{"source": "security@apache.org", "tags": ["Mailing List", "Vendor Advisory"], "url": "https://lists.apache.org/thread/b9qgtqvhnvgfpn0w1gz918p21p53tqk2"}], "sourceIdentifier": "security@apache.org", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-22"}], "source": "security@apache.org", "type": "Primary"}, {"description": [{"lang": "en", "value": "CWE-22"}], "source": "nvd@nist.gov", "type": "Secondary"}]}

{"affected_release": [{"advisory": "RHSA-2023:7641", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.4", "package": "sshd-common", "product_name": "EAP 7.4.14", "release_date": "2023-12-04T00:00:00Z"}, {"advisory": "RHSA-2024:1194", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:8.0", "impact": "low", "package": "sshd-common", "product_name": "EAP 8.0.1", "release_date": "2024-03-06T00:00:00Z"}, {"advisory": "RHSA-2023:7700", "cpe": "cpe:/a:redhat:quarkus:2.13::el8", "package": "org.apache.sshd/sshd-common:2.10.0.redhat-00002", "product_name": "Red Hat build of Quarkus 2.13.9.Final", "release_date": "2023-12-07T00:00:00Z"}, {"advisory": "RHSA-2023:5396", "cpe": "cpe:/a:redhat:jboss_data_grid:8", "package": "apache-mina", "product_name": "Red Hat Data Grid 8.4.4", "release_date": "2023-09-28T00:00:00Z"}, {"advisory": "RHSA-2023:7638", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el8", "package": "eap7-undertow-0:2.2.28-1.SP1_redhat_00001.1.el8eap", "product_name": "Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 8", "release_date": "2023-12-04T00:00:00Z"}, {"advisory": "RHSA-2023:7638", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el8", "package": "eap7-wildfly-0:7.4.14-5.GA_redhat_00002.1.el8eap", "product_name": "Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 8", "release_date": "2023-12-04T00:00:00Z"}, {"advisory": "RHSA-2023:7639", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9", "package": "eap7-undertow-0:2.2.28-1.SP1_redhat_00001.1.el9eap", "product_name": "Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 9", "release_date": "2023-12-04T00:00:00Z"}, {"advisory": "RHSA-2023:7639", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9", "package": "eap7-wildfly-0:7.4.14-5.GA_redhat_00002.1.el9eap", "product_name": "Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 9", "release_date": "2023-12-04T00:00:00Z"}, {"advisory": "RHSA-2023:7637", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el7", "package": "eap7-undertow-0:2.2.28-1.SP1_redhat_00001.1.el7eap", "product_name": "Red Hat JBoss Enterprise Application Platform 7.4 on RHEL 7", "release_date": "2023-12-04T00:00:00Z"}, {"advisory": "RHSA-2023:7637", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el7", "package": "eap7-wildfly-0:7.4.14-5.GA_redhat_00002.1.el7eap", "product_name": "Red Hat JBoss Enterprise Application Platform 7.4 on RHEL 7", "release_date": "2023-12-04T00:00:00Z"}, {"advisory": "RHSA-2024:1192", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el8", "impact": "low", "package": "eap8-apache-sshd-0:2.12.0-1.redhat_00001.1.el8eap", "product_name": "Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 8", "release_date": "2024-03-06T00:00:00Z"}, {"advisory": "RHSA-2024:1192", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el8", "impact": "low", "package": "eap8-eclipse-jgit-0:6.6.1.202309021850-1.r_redhat_00001.1.el8eap", "product_name": "Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 8", "release_date": "2024-03-06T00:00:00Z"}, {"advisory": "RHSA-2024:1192", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el8", "impact": "low", "package": "eap8-log4j-0:2.19.0-2.redhat_00001.1.el8eap", "product_name": "Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 8", "release_date": "2024-03-06T00:00:00Z"}, {"advisory": "RHSA-2024:1192", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el8", "impact": "low", "package": "eap8-lucene-solr-0:8.11.2-2.redhat_00001.1.el8eap", "product_name": "Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 8", "release_date": "2024-03-06T00:00:00Z"}, {"advisory": "RHSA-2024:1192", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el8", "impact": "low", "package": "eap8-parsson-0:1.1.5-1.redhat_00001.1.el8eap", "product_name": "Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 8", "release_date": "2024-03-06T00:00:00Z"}, {"advisory": "RHSA-2024:1192", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el8", "impact": "low", "package": "eap8-wildfly-0:8.0.1-3.GA_redhat_00002.1.el8eap", "product_name": "Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 8", "release_date": "2024-03-06T00:00:00Z"}, {"advisory": "RHSA-2024:1193", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el9", "impact": "low", "package": "eap8-apache-sshd-0:2.12.0-1.redhat_00001.1.el9eap", "product_name": "Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 9", "release_date": "2024-03-06T00:00:00Z"}, {"advisory": "RHSA-2024:1193", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el9", "impact": "low", "package": "eap8-eclipse-jgit-0:6.6.1.202309021850-1.r_redhat_00001.1.el9eap", "product_name": "Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 9", "release_date": "2024-03-06T00:00:00Z"}, {"advisory": "RHSA-2024:1193", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el9", "impact": "low", "package": "eap8-log4j-0:2.19.0-2.redhat_00001.1.el9eap", "product_name": "Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 9", "release_date": "2024-03-06T00:00:00Z"}, {"advisory": "RHSA-2024:1193", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el9", "impact": "low", "package": "eap8-lucene-solr-0:8.11.2-2.redhat_00001.1.el9eap", "product_name": "Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 9", "release_date": "2024-03-06T00:00:00Z"}, {"advisory": "RHSA-2024:1193", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el9", "impact": "low", "package": "eap8-parsson-0:1.1.5-1.redhat_00001.1.el9eap", "product_name": "Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 9", "release_date": "2024-03-06T00:00:00Z"}, {"advisory": "RHSA-2024:1193", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el9", "impact": "low", "package": "eap8-wildfly-0:8.0.1-3.GA_redhat_00002.1.el9eap", "product_name": "Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 9", "release_date": "2024-03-06T00:00:00Z"}], "bugzilla": {"description": "apache-mina-sshd: information exposure in SFTP server implementations", "id": "2240036", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2240036"}, "csaw": false, "cvss3": {"cvss3_base_score": "4.3", "cvss3_scoring_vector": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N", "status": "verified"}, "cwe": "CWE-22", "details": ["Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Apache Software Foundation Apache MINA.\nIn SFTP servers implemented using Apache MINA SSHD that use a RootedFileSystem, logged users may be able to discover \"exists/does not exist\" information about items outside the rooted tree via paths including parent navigation (\"..\") beyond the root, or involving symlinks.\nThis issue affects Apache MINA: from 1.0 before 2.10. Users are recommended to upgrade to 2.10", "A flaw was found in Apache Mina SSHD that could be exploited on certain SFTP servers implemented using the Apache Mina RootedFileSystem. This issue could permit authenticated users to view information outside of their permissions scope."], "name": "CVE-2023-35887", "package_state": [{"cpe": "cpe:/a:redhat:ocp_tools", "fix_state": "Out of support scope", "package_name": "sshd-common", "product_name": "OpenShift Developer Tools and Services"}, {"cpe": "cpe:/a:redhat:serverless:1", "fix_state": "Will not fix", "package_name": "sshd-common", "product_name": "OpenShift Serverless"}, {"cpe": "cpe:/a:redhat:camel_quarkus:2", "fix_state": "Affected", "package_name": "sshd-common", "product_name": "Red Hat Integration Camel Quarkus"}, {"cpe": "cpe:/a:redhat:jboss_fuse:7", "fix_state": "Out of support scope", "package_name": "sshd-common", "product_name": "Red Hat JBoss Fuse 7"}, {"cpe": "cpe:/a:redhat:openshift:3.11", "fix_state": "Out of support scope", "package_name": "sshd-common", "product_name": "Red Hat OpenShift Container Platform 3.11"}, {"cpe": "cpe:/a:redhat:openshift:4", "fix_state": "Out of support scope", "package_name": "sshd-common", "product_name": "Red Hat OpenShift Container Platform 4"}, {"cpe": "cpe:/a:redhat:jboss_enterprise_bpms_platform:7", "fix_state": "Out of support scope", "package_name": "sshd-common", "product_name": "Red Hat Process Automation 7"}, {"cpe": "cpe:/a:redhat:red_hat_single_sign_on:7", "fix_state": "Will not fix", "package_name": "sshd-common", "product_name": "Red Hat Single Sign-On 7"}, {"cpe": "cpe:/a:redhat:openshift_application_runtimes:1.0", "fix_state": "Will not fix", "package_name": "sshd-common", "product_name": "Red Hat support for Spring Boot"}, {"cpe": "cpe:/o:redhat:rhev_hypervisor:4", "fix_state": "Out of support scope", "package_name": "sshd-common", "product_name": "Red Hat Virtualization 4"}], "public_date": "2023-07-10T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2023-35887\nhttps://nvd.nist.gov/vuln/detail/CVE-2023-35887"], "threat_severity": "Moderate", "upstream_fix": "apache-mina 2.10"}