CVE-2024-1485

Relative Path Traversal (CWE-23)

Published: Feb 14, 2024 / Updated: 9mo ago

CVSS 9.3 / EPSS 0.05% / Critical

Summary

A vulnerability was found in the decompression function of registry-support. This issue can be triggered by an unauthenticated remote attacker when tricking a user into opening a specially modified .tar archive, leading to the cleanup process following relative paths to overwrite or delete files outside the intended scope.

Impact

This vulnerability allows an unauthenticated remote attacker to potentially overwrite or delete files outside the intended scope on the target system. The attack requires user interaction, specifically tricking a user into opening a specially crafted .tar archive. The vulnerability has a high impact on both integrity and availability of the system, while confidentiality is not directly affected. Given the "Changed" scope in the CVSS score, the impact may extend beyond the vulnerable component, potentially affecting the wider system or other components.

Exploitation

No public proof-of-concept is known, and there is no evidence of exploitation in the wild at the moment.

Patch

A patch is available for this vulnerability. The issue has been addressed in the devfile/registry-support repository with a commit (0e44b9ca6d03fac4fc3f77d37656d56dc5defe0d) and a pull request (#197). The vulnerability affects versions of registry-support before 0.0.0-20240206.

Mitigation

1. Update the affected devfile/registry-support to version 0.0.0-20240206 or later.
2. Validate every archive entry name before it is used for any file operation: join it to the extraction directory, clean the result, and reject the entry if it resolves outside that directory. Apply the same check on the cleanup path, since this issue is triggered by cleanup following relative paths, not only by extraction itself.
3. Use proper access controls and file system permissions to limit the potential impact of path traversal attacks.
4. Educate users about the risks of opening untrusted .tar archives and include this in security awareness training.
5. Consider additional measures such as sandboxing or containerization to isolate file operations on untrusted archives.
6. Regularly monitor and audit system logs for suspicious file system activity that might indicate exploitation attempts.
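The Summary's description of the decompression path and mitigation item 2 come down to one missing check: an entry name taken from the archive is joined to the extraction directory and then used for writes and for the failure-path cleanup without verifying that the cleaned result still lies inside that directory. The Go program below is an added example written for this page, not the registry-support code or its fix; SafeJoin, Extract, BuildTar and TryExtract are illustrative names, the archive is constructed in memory, and devfile.yaml is only a plausible sample entry. Extract is shown in both forms: validate=false trusts header.Name, validate=true refuses any entry that resolves outside the destination before anything is written or removed, so the cleanup loop can only ever touch paths inside it.

```go
package main

import (
	"archive/tar"
	"bytes"
	"errors"
	"fmt"
	"io"
	"os"
	"path/filepath"
	"strings"
)

// SafeJoin resolves an entry name under dest and rejects it if the cleaned result
// leaves dest: filepath.Join("/tmp/out", "../x") is "/tmp/x", with no complaint.
func SafeJoin(dest, name string) (string, error) {
	dest = filepath.Clean(dest)
	target := filepath.Join(dest, name)
	if target != dest && !strings.HasPrefix(target, dest+string(os.PathSeparator)) {
		return "", fmt.Errorf("archive entry %q escapes %q", name, dest)
	}
	return target, nil
}

// BuildTar builds an in-memory tar of regular files (constructed sample input for
// this example); archive/tar accepts ".." names, and with this fixed, valid input the writer calls cannot fail.
func BuildTar(entries [][2]string) []byte {
	var buf bytes.Buffer
	tw := tar.NewWriter(&buf)
	for _, e := range entries {
		tw.WriteHeader(&tar.Header{Name: e[0], Mode: 0o644, Size: int64(len(e[1])), Typeflag: tar.TypeReg})
		tw.Write([]byte(e[1]))
	}
	tw.Close()
	return buf.Bytes()
}

// Extract unpacks regular-file entries into dest and returns the paths it wrote.
// validate=false trusts header.Name (the vulnerable pattern); validate=true passes
// each entry through SafeJoin first, so the failure cleanup stays inside dest.
func Extract(archive []byte, dest string, validate bool) (written []string, err error) {
	defer func() { // cleanup on failure: remove whatever this call created
		if err != nil {
			for _, p := range written {
				os.RemoveAll(p)
			}
		}
	}()
	tr := tar.NewReader(bytes.NewReader(archive))
	for {
		hdr, nerr := tr.Next()
		if nerr == io.EOF {
			return written, nil
		}
		// Go 1.20+ may flag ".." names (GODEBUG tarinsecurepath=0) yet still returns the header.
		if nerr != nil && !errors.Is(nerr, tar.ErrInsecurePath) {
			return written, nerr
		}
		target := filepath.Join(dest, hdr.Name) // vulnerable: ".." resolves outside dest
		if validate {
			if target, err = SafeJoin(dest, hdr.Name); err != nil {
				return written, err
			}
		}
		data, rerr := io.ReadAll(tr)
		if rerr != nil {
			return written, rerr
		}
		if err = os.MkdirAll(filepath.Dir(target), 0o755); err != nil {
			return written, err
		}
		if err = os.WriteFile(target, data, 0o644); err != nil {
			return written, err
		}
		written = append(written, target)
	}
}

// TryExtract unpacks a constructed malicious archive into a fresh temp dir and
// reports whether "escape.txt" landed one level above the extraction directory.
func TryExtract(validate bool) (escaped bool, extractErr error, err error) {
	root, err := os.MkdirTemp("", "cve-2024-1485-demo")
	if err != nil {
		return
	}
	defer os.RemoveAll(root)
	archive := BuildTar([][2]string{
		{"devfile.yaml", "schemaVersion: 2.2.0\n"},                      // benign entry
		{"../escape.txt", "written outside the extraction directory\n"}, // climbs out of dest
	})
	_, extractErr = Extract(archive, filepath.Join(root, "out"), validate)
	_, statErr := os.Stat(filepath.Join(root, "escape.txt"))
	return statErr == nil, extractErr, nil
}

func main() { // vulnerable run, then hardened run: escaped, extract error, setup error
	fmt.Println(TryExtract(false))
	fmt.Println(TryExtract(true))
}
```

Run it with go run to see the two outcomes side by side: the unchecked extractor leaves escape.txt one directory above its destination and reports no error, while the checked one stops at the first escaping entry and its cleanup removes only the file it created inside the destination. From Go 1.20 on, GODEBUG=tarinsecurepath=0 makes the tar reader itself flag such names, but a caller that ignores that error is no better off, which is why the check belongs in the extractor rather than in a library default.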

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:H/A:H

Timeline

CVE Assignment

NVD published the first details for CVE-2024-1485

Feb 13, 2024 at 4:15 PM
First Article

Feedly found the first article mentioning CVE-2024-1485. See article

Feb 14, 2024 at 12:21 AM / National Vulnerability Database
EPSS

EPSS Score was set to: 0.05% (Percentile: 12%)

Feb 14, 2024 at 2:42 PM
Vendor Advisory

RedHat CVE advisory released a security advisory (CVE-2024-1485).

Feb 15, 2024 at 5:20 AM
CVSS

A CVSS base score of 9.3 has been assigned.

Oct 21, 2024 at 8:15 PM / nvd

Affected Systems

Redhat/openshift_developer_tools_and_services

Patches

bugzilla.redhat.com

Attack Patterns

CAPEC-139: Relative Path Traversal

References

CVE-2024-1485 - Red Hat Customer Portal
Bugzilla 2264106: registry-support: decompress can delete files outside scope via relative paths · CWE-23: Relative Path Traversal · FAQ: Frequently ...
(CVE-2024-1485) CVE-2024-1485 registry-support: decompress can delete files outside scope via relative paths

News

Update Tue Mar 5 09:57:01 UTC 2024
Update Wed Feb 21 18:07:31 UTC 2024
Update Tue Feb 20 10:11:54 UTC 2024
CVE-2024-1485
Medium Severity Description A vulnerability was found in the decompression function of registry-support. This issue can be triggered by an unauthenticated remote attacker when tricking a user into opening a specially modified .tar archive, leading to the cleanup process following relative paths to overwrite or delete files outside the intended scope. Read more at https://www.tenable.com/cve/CVE-2024-1485

CVSS V3.1

Attack Vector:Network
Attack Complexity:Low
Privileges Required:None
User Interaction:Required
Scope:Changed
Confidentiality:None
Integrity:High
Availability Impact:High
