CVE-2021-22118

{"id": "CVE-2021-22118", "cveTags": [], "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 4.6, "accessVector": "LOCAL", "vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P", "authentication": "NONE", "integrityImpact": "PARTIAL", "accessComplexity": "LOW", "availabilityImpact": "PARTIAL", "confidentialityImpact": "PARTIAL"}, "acInsufInfo": false, "impactScore": 6.4, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 3.9, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}], "cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.8, "attackVector": "LOCAL", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 1.8}]}, "published": "2021-05-27T15:15:07.437", "references": [{"url": "https://security.netapp.com/advisory/ntap-20210713-0005/", "tags": ["Third Party Advisory"], "source": "security@vmware.com"}, {"url": "https://tanzu.vmware.com/security/cve-2021-22118", "tags": ["Third Party Advisory"], "source": "security@vmware.com"}, {"url": "https://www.oracle.com//security-alerts/cpujul2021.html", "tags": ["Patch", "Third Party Advisory"], "source": "security@vmware.com"}, {"url": "https://www.oracle.com/security-alerts/cpuapr2022.html", "tags": ["Patch", "Third Party Advisory"], "source": "security@vmware.com"}, {"url": "https://www.oracle.com/security-alerts/cpujan2022.html", "tags": ["Patch", "Third Party Advisory"], "source": "security@vmware.com"}, {"url": "https://www.oracle.com/security-alerts/cpujul2022.html", "tags": ["Patch", "Third Party Advisory"], "source": "security@vmware.com"}, {"url": "https://www.oracle.com/security-alerts/cpuoct2021.html", "tags": ["Patch", "Third Party Advisory"], "source": "security@vmware.com"}, {"url": "https://security.netapp.com/advisory/ntap-20210713-0005/", "tags": ["Third Party Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://tanzu.vmware.com/security/cve-2021-22118", "tags": ["Third Party Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://www.oracle.com//security-alerts/cpujul2021.html", "tags": ["Patch", "Third Party Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://www.oracle.com/security-alerts/cpuapr2022.html", "tags": ["Patch", "Third Party Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://www.oracle.com/security-alerts/cpujan2022.html", "tags": ["Patch", "Third Party Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://www.oracle.com/security-alerts/cpujul2022.html", "tags": ["Patch", "Third Party Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://www.oracle.com/security-alerts/cpuoct2021.html", "tags": ["Patch", "Third Party Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Secondary", "source": "security@vmware.com", "description": [{"lang": "en", "value": "CWE-269"}]}, {"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-668"}]}], "descriptions": [{"lang": "en", "value": "In Spring Framework, versions 5.2.x prior to 5.2.15 and versions 5.3.x prior to 5.3.7, a WebFlux application is vulnerable to a privilege escalation: by (re)creating the temporary storage directory, a locally authenticated malicious user can read or modify files that have been uploaded to the WebFlux application, or overwrite arbitrary files with multipart request data."}, {"lang": "es", "value": "En Spring Framework, versiones 5.2.x anteriores a 5.2.15 y versiones 5.3.x anteriores a 5.3.7, una aplicaci\u00f3n WebFlux es vulnerable a una escalada de privilegios: al (re)crear el directorio de almacenamiento temporal, un usuario malicioso autenticado localmente puede leer o modificar archivos que han sido subidos a la aplicaci\u00f3n WebFlux, o sobrescribir archivos arbitrarios con petici\u00f3n de datos de m\u00faltiples partes"}], "lastModified": "2024-11-21T05:49:32.563", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:vmware:spring_framework:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F640822D-4742-4F05-B70C-82B83EE95D45", "versionEndExcluding": "5.2.15", "versionStartIncluding": "5.2.0"}, {"criteria": "cpe:2.3:a:vmware:spring_framework:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F80D8729-8629-4DFF-8A09-8765E847EF01", "versionEndExcluding": "5.3.7", "versionStartIncluding": "5.3.0"}], "operator": "OR"}]}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:oracle:commerce_guided_search:11.3.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "2A3622F5-5976-4BBC-A147-FC8A6431EA79"}, {"criteria": "cpe:2.3:a:oracle:communications_brm_-_elastic_charging_engine:12.0.0.3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "06594847-96ED-4541-B2F4-C7331B603603"}, {"criteria": "cpe:2.3:a:oracle:communications_cloud_native_core_binding_support_function:1.9.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "868E7C46-7E45-4CFA-8A25-7CBFED912096"}, {"criteria": "cpe:2.3:a:oracle:communications_cloud_native_core_policy:1.14.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "4479F76A-4B67-41CC-98C7-C76B81050F8E"}, {"criteria": "cpe:2.3:a:oracle:communications_cloud_native_core_security_edge_protection_proxy:1.6.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "45E5C9B0-AB25-4744-88E4-FD0C4A853001"}, {"criteria": "cpe:2.3:a:oracle:communications_cloud_native_core_service_communication_proxy:1.14.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "0AB059F2-FEC4-4180-8A90-39965495055E"}, {"criteria": "cpe:2.3:a:oracle:communications_cloud_native_core_unified_data_repository:1.14.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "5A276784-877B-4A29-A8F1-70518A438A9A"}, {"criteria": "cpe:2.3:a:oracle:communications_diameter_intelligence_hub:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B5B4A191-44AE-4C35-9164-19237D2CF013", "versionEndIncluding": "8.1.0", "versionStartIncluding": "8.0.0"}, {"criteria": "cpe:2.3:a:oracle:communications_diameter_intelligence_hub:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A543B4F8-149A-48AB-B388-AB7FA2ECAC18", "versionEndIncluding": "8.2.3", "versionStartIncluding": "8.2.0"}, {"criteria": "cpe:2.3:a:oracle:communications_element_manager:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "0331877D-D5DB-4EE8-8220-C1CDC3F90CB0", "versionEndIncluding": "8.2.4.0", "versionStartIncluding": "8.2.0"}, {"criteria": "cpe:2.3:a:oracle:communications_interactive_session_recorder:6.4:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E812639B-EE28-4C68-9F6F-70C8BF981C86"}, {"criteria": "cpe:2.3:a:oracle:communications_network_integrity:7.3.6:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B21E6EEF-2AB7-4E96-B092-1F49D11B4175"}, {"criteria": "cpe:2.3:a:oracle:communications_session_report_manager:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "9B7C949D-0AB3-4566-9096-014C82FC1CF1", "versionEndIncluding": "8.2.4.0", "versionStartIncluding": "8.0.0"}, {"criteria": "cpe:2.3:a:oracle:communications_session_route_manager:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "3E419C70-9516-4C63-997B-60B20E30A30D", "versionEndIncluding": "8.2.4.0", "versionStartIncluding": "8.0.0"}, {"criteria": "cpe:2.3:a:oracle:communications_unified_inventory_management:7.4.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A7637F8B-15F1-42E2-BE18-E1FF7C66587D"}, {"criteria": "cpe:2.3:a:oracle:communications_unified_inventory_management:7.4.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E43D793A-7756-4D58-A8ED-72DC4EC9CEA7"}, {"criteria": "cpe:2.3:a:oracle:communications_unified_inventory_management:7.5.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "0EBC7EB1-FD72-4BFC-92CC-7C8B8E462D7C"}, {"criteria": "cpe:2.3:a:oracle:documaker:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "135D531C-A692-4BE3-AB8C-37BB0D35559A", "versionEndIncluding": "12.6.4", "versionStartIncluding": "12.6.0"}, {"criteria": "cpe:2.3:a:oracle:enterprise_data_quality:12.2.1.3.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "36CF85A9-2C29-46E7-961E-8ADD0B5822CF"}, {"criteria": "cpe:2.3:a:oracle:enterprise_data_quality:12.2.1.4.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E80555C7-DA1C-472C-9467-19554DCE4476"}, {"criteria": "cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "DC1C79CD-1833-451C-821D-369B09D672FB", "versionEndIncluding": "8.1.1", "versionStartIncluding": "8.0.8"}, {"criteria": "cpe:2.3:a:oracle:healthcare_data_repository:8.1.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "66C673C4-A825-46C0-816B-103E1C058D03"}, {"criteria": "cpe:2.3:a:oracle:insurance_policy_administration:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "8E883986-13DA-470F-95C4-BEBD0EDFEB9C", "versionEndIncluding": "11.3.1", "versionStartIncluding": "11.0"}, {"criteria": "cpe:2.3:a:oracle:insurance_rules_palette:11.0.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F3E25293-CB03-44CE-A8ED-04B3A0487A6A"}, {"criteria": "cpe:2.3:a:oracle:insurance_rules_palette:11.1.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "4F9721E3-EE25-4C8A-9E0A-E60D465E0A97"}, {"criteria": "cpe:2.3:a:oracle:insurance_rules_palette:11.2.7:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "212AC8FA-90E8-4FDF-BC57-D17CD8F2E35C"}, {"criteria": "cpe:2.3:a:oracle:insurance_rules_palette:11.3.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D7A6C04D-43B3-4B83-A185-7CBD838C97E4"}, {"criteria": "cpe:2.3:a:oracle:insurance_rules_palette:11.3.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E2B51896-E4DA-4FDA-979F-481FFB3E588A"}, {"criteria": "cpe:2.3:a:oracle:mysql_enterprise_monitor:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "88627B99-16DC-4878-A63A-A40F6FC1F477", "versionEndIncluding": "8.0.25"}, {"criteria": "cpe:2.3:a:oracle:retail_assortment_planning:16.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "1BBFE031-4BD1-4501-AC62-DC0AFC2167B7"}, {"criteria": "cpe:2.3:a:oracle:retail_customer_management_and_segmentation_foundation:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B92BB355-DB00-438E-84E5-8EC007009576", "versionEndIncluding": "19.0", "versionStartIncluding": "16.0"}, {"criteria": "cpe:2.3:a:oracle:retail_financial_integration:14.1.3.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "798E4FEE-9B2B-436E-A2B3-B8AA1079892A"}, {"criteria": "cpe:2.3:a:oracle:retail_financial_integration:15.0.3.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "CB86F6C3-981E-4ECA-A5EB-9A9CD73D70C9"}, {"criteria": "cpe:2.3:a:oracle:retail_financial_integration:16.0.3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "6B042849-7EF5-4A5F-B6CD-712C0B8735BF"}, {"criteria": "cpe:2.3:a:oracle:retail_integration_bus:14.1.3.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "8CFCE558-9972-46A2-8539-C16044F1BAA9"}, {"criteria": "cpe:2.3:a:oracle:retail_integration_bus:15.0.3.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A1194C4E-CF42-4B4D-BA9A-40FDD28F1D58"}, {"criteria": "cpe:2.3:a:oracle:retail_integration_bus:16.0.3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "822A3C37-86F2-4E91-BE91-2A859F983941"}, {"criteria": "cpe:2.3:a:oracle:retail_merchandising_system:19.0.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "AE1BC44A-F0AF-41CD-9CEB-B07AB5ADAB38"}, {"criteria": "cpe:2.3:a:oracle:retail_order_broker:16.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "38E74E68-7F19-4EF3-AC00-3C249EAAA39E"}, {"criteria": "cpe:2.3:a:oracle:retail_predictive_application_server:14.1.3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "6B1A4F12-3E64-41CF-B2B3-B6AB734B69E0"}, {"criteria": "cpe:2.3:a:oracle:retail_predictive_application_server:15.0.3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "24A3C819-5151-4543-A5C6-998C9387C8A2"}, {"criteria": "cpe:2.3:a:oracle:retail_predictive_application_server:16.0.3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "4FB98961-8C99-4490-A6B8-9A5158784F5A"}, {"criteria": "cpe:2.3:a:oracle:utilities_testing_accelerator:6.0.0.1.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A3ED272C-A545-4F8C-86C0-2736B3F2DCAF"}, {"criteria": "cpe:2.3:a:oracle:utilities_testing_accelerator:6.0.0.2.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C5B4C338-11E1-4235-9D5A-960B2711AC39"}, {"criteria": "cpe:2.3:a:oracle:utilities_testing_accelerator:6.0.0.3.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "8C93F84E-9680-44EF-8656-D27440B51698"}], "operator": "OR"}]}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:netapp:hci:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "8A6E548F-62E9-40CB-85DA-FDAA0F0096C6"}, {"criteria": "cpe:2.3:a:netapp:management_services_for_element_software:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "86B51137-28D9-41F2-AFA2-3CC22B4954D1"}], "operator": "OR"}]}], "sourceIdentifier": "security@vmware.com"}