CVE-2021-43821

{"id": "CVE-2021-43821", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 4.0, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:S/C:P/I:N/A:N", "authentication": "SINGLE", "integrityImpact": "NONE", "accessComplexity": "LOW", "availabilityImpact": "NONE", "confidentialityImpact": "PARTIAL"}, "acInsufInfo": false, "impactScore": 2.9, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 8.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}], "cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "CHANGED", "version": "3.1", "baseScore": 7.7, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "LOW", "confidentialityImpact": "HIGH"}, "impactScore": 4.0, "exploitabilityScore": 3.1}, {"type": "Secondary", "source": "security-advisories@github.com", "cvssData": {"scope": "CHANGED", "version": "3.1", "baseScore": 9.9, "attackVector": "NETWORK", "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "HIGH"}, "impactScore": 6.0, "exploitabilityScore": 3.1}]}, "published": "2021-12-14T20:15:07.617", "references": [{"url": "https://github.com/opencast/opencast/blob/69952463971cf578363e3b97d8edaf334ff51253/modules/ingest-service-impl/src/main/java/org/opencastproject/ingest/impl/IngestServiceImpl.java#L1587", "tags": ["Patch", "Third Party Advisory"], "source": "security-advisories@github.com"}, {"url": "https://github.com/opencast/opencast/commit/65c46b9d3e8f045c544881059923134571897764", "tags": ["Patch", "Third Party Advisory"], "source": "security-advisories@github.com"}, {"url": "https://github.com/opencast/opencast/security/advisories/GHSA-59g4-hpg3-3gcp", "tags": ["Exploit", "Third Party Advisory"], "source": "security-advisories@github.com"}, {"url": "https://mvnrepository.com/artifact/org.opencastproject/opencast-ingest-service-impl", "tags": ["Third Party Advisory"], "source": "security-advisories@github.com"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-552"}]}, {"type": "Secondary", "source": "security-advisories@github.com", "description": [{"lang": "en", "value": "CWE-552"}]}], "descriptions": [{"lang": "en", "value": "Opencast is an Open Source Lecture Capture & Video Management for Education. Opencast before version 9.10 or 10.6 allows references to local file URLs in ingested media packages, allowing attackers to include local files from Opencast's host machines and making them available via the web interface. Before Opencast 9.10 and 10.6, Opencast would open and include local files during ingests. Attackers could exploit this to include most local files the process has read access to, extracting secrets from the host machine. An attacker would need to have the privileges required to add new media to exploit this. But these are often widely given. The issue has been fixed in Opencast 10.6 and 11.0. You can mitigate this issue by narrowing down the read access Opencast has to files on the file system using UNIX permissions or mandatory access control systems like SELinux. This cannot prevent access to files Opencast needs to read though and we highly recommend updating."}, {"lang": "es", "value": "Opencast es un software de c\u00f3digo abierto para la captura de conferencias y la administraci\u00f3n de v\u00eddeo para la educaci\u00f3n. Opencast versiones anteriores a 9.10 o 10.6, permite referencias a URLs de archivos locales en paquetes de medios ingeridos, permitiendo a atacantes incluir archivos locales de las m\u00e1quinas anfitrionas de Opencast y hacerlos disponibles por medio de la interfaz web. En versiones anteriores a Opencast 9.10 y 10.6, Opencast abr\u00eda e inclu\u00eda archivos locales durante las ingestas. Los atacantes pod\u00edan aprovechar esto para incluir la mayor\u00eda de los archivos locales a los que el proceso tuviera acceso de lectura, extrayendo secretos de la m\u00e1quina anfitriona. Un atacante necesitar\u00eda tener los privilegios necesarios para a\u00f1adir nuevos medios para explotar esto. Sin embargo, estos suelen ser ampliamente otorgados. El problema se ha corregido en Opencast versiones 10.6 y 11.0. Puede mitigar este problema limitando el acceso de lectura que Opencast posee a los archivos del sistema de archivos mediante permisos UNIX o sistemas de control de acceso obligatorios como SELinux. Sin embargo, esto no puede impedir el acceso a los archivos que Opencast necesita leer, por lo que recomendamos encarecidamente la actualizaci\u00f3n"}], "lastModified": "2021-12-20T20:48:12.830", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:apereo:opencast:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "8AFC8FC9-B836-439D-96C4-6DD80FFFB37F", "versionEndExcluding": "10.6"}], "operator": "OR"}]}], "sourceIdentifier": "security-advisories@github.com"}