CVE-2020-15097 (GCVE-0-2020-15097)

Vulnerability from cvelistv5 – Published: 2021-02-02 17:35 – Updated: 2024-08-04 13:08
Title
Path Traversal in loklak
Summary
loklak is an open-source server application which is able to collect messages from various sources, including twitter. The server contains a search index and a peer-to-peer index sharing interface. All messages are stored in an elasticsearch index. In loklak less than or equal to commit 5f48476, a path traversal vulnerability exists. Insufficient input validation in the APIs exposed by the loklak server allowed a directory traversal vulnerability. Any admin configuration and files readable by the app available on the hosted file system can be retrieved by the attacker. Furthermore, user-controlled content could be written to any admin config and files readable by the application. This has been patched in commit 50dd692. Users will need to upgrade their hosted instances of loklak to not be vulnerable to this exploit.
CWE
  • CWE-22 - Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
Assigner
Impacted products
Vendor: loklak
Product: loklak
Version: Affected: <= 5f48476d6f06dc00d87d25def5f789db703dfe3e

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T13:08:21.765Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/loklak/loklak_server/security/advisories/GHSA-7557-4v29-rqw6"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/loklak/loklak_server/commit/50dd69230d3cd71dab0bfa7156682ffeca8ed8b9"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "loklak",
          "vendor": "loklak",
          "versions": [
            {
              "status": "affected",
              "version": "\u003c= 5f48476d6f06dc00d87d25def5f789db703dfe3e"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "loklak is an open-source server application which is able to collect messages from various sources, including twitter. The server contains a search index and a peer-to-peer index sharing interface. All messages are stored in an elasticsearch index. In loklak less than or equal to commit 5f48476, a path traversal vulnerability exists. Insufficient input validation in the APIs exposed by the loklak server allowed a directory traversal vulnerability. Any admin configuration and files readable by the app available on the hosted file system can be retrieved by the attacker. Furthermore, user-controlled content could be written to any admin config and files readable by the application. This has been patched in commit 50dd692. Users will need to upgrade their hosted instances of loklak to not be vulnerable to this exploit."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 9.1,
            "baseSeverity": "CRITICAL",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-22",
              "description": "CWE-22: Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2021-02-02T17:35:13.000Z",
        "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
        "shortName": "GitHub_M"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/loklak/loklak_server/security/advisories/GHSA-7557-4v29-rqw6"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/loklak/loklak_server/commit/50dd69230d3cd71dab0bfa7156682ffeca8ed8b9"
        }
      ],
      "source": {
        "advisory": "GHSA-7557-4v29-rqw6",
        "discovery": "UNKNOWN"
      },
      "title": "Path Traversal in loklak",
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "security-advisories@github.com",
          "ID": "CVE-2020-15097",
          "STATE": "PUBLIC",
          "TITLE": "Path Traversal in loklak"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "loklak",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "\u003c= 5f48476d6f06dc00d87d25def5f789db703dfe3e"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "loklak"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "loklak is an open-source server application which is able to collect messages from various sources, including twitter. The server contains a search index and a peer-to-peer index sharing interface. All messages are stored in an elasticsearch index. In loklak less than or equal to commit 5f48476, a path traversal vulnerability exists. Insufficient input validation in the APIs exposed by the loklak server allowed a directory traversal vulnerability. Any admin configuration and files readable by the app available on the hosted file system can be retrieved by the attacker. Furthermore, user-controlled content could be written to any admin config and files readable by the application. This has been patched in commit 50dd692. Users will need to upgrade their hosted instances of loklak to not be vulnerable to this exploit."
            }
          ]
        },
        "impact": {
          "cvss": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 9.1,
            "baseSeverity": "CRITICAL",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N",
            "version": "3.1"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-22: Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://github.com/loklak/loklak_server/security/advisories/GHSA-7557-4v29-rqw6",
              "refsource": "CONFIRM",
              "url": "https://github.com/loklak/loklak_server/security/advisories/GHSA-7557-4v29-rqw6"
            },
            {
              "name": "https://github.com/loklak/loklak_server/commit/50dd69230d3cd71dab0bfa7156682ffeca8ed8b9",
              "refsource": "MISC",
              "url": "https://github.com/loklak/loklak_server/commit/50dd69230d3cd71dab0bfa7156682ffeca8ed8b9"
            }
          ]
        },
        "source": {
          "advisory": "GHSA-7557-4v29-rqw6",
          "discovery": "UNKNOWN"
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
    "assignerShortName": "GitHub_M",
    "cveId": "CVE-2020-15097",
    "datePublished": "2021-02-02T17:35:13.000Z",
    "dateReserved": "2020-06-25T00:00:00.000Z",
    "dateUpdated": "2024-08-04T13:08:21.765Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "epss": {
      "cve": "CVE-2020-15097",
      "date": "2026-05-07",
      "epss": "0.00465",
      "percentile": "0.64438"
    },
    "fkie_nvd": {
      "configurations": "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:loklak_project:loklak:*:*:*:*:*:*:*:*\", \"versionEndIncluding\": \"2020-01-22\", \"matchCriteriaId\": \"80F8E47F-4BA9-44F2-9E37-1DCF5C87E690\"}]}]}]",
      "descriptions": "[{\"lang\": \"en\", \"value\": \"loklak is an open-source server application which is able to collect messages from various sources, including twitter. The server contains a search index and a peer-to-peer index sharing interface. All messages are stored in an elasticsearch index. In loklak less than or equal to commit 5f48476, a path traversal vulnerability exists. Insufficient input validation in the APIs exposed by the loklak server allowed a directory traversal vulnerability. Any admin configuration and files readable by the app available on the hosted file system can be retrieved by the attacker. Furthermore, user-controlled content could be written to any admin config and files readable by the application. This has been patched in commit 50dd692. Users will need to upgrade their hosted instances of loklak to not be vulnerable to this exploit.\"}, {\"lang\": \"es\", \"value\": \"loklak es una aplicaci\\u00f3n de servidor de c\\u00f3digo abierto que puede recopilar mensajes de varias fuentes, incluyendo Twitter.\u0026#xa0;El servidor contiene un \\u00edndice de b\\u00fasqueda y una interfaz de intercambio de \\u00edndices de igual a igual.\u0026#xa0;Todos los mensajes son almacenados en un \\u00edndice elasticsearch.\u0026#xa0;En loklak menor o igual al commit 5f48476, se presenta una vulnerabilidad de salto de ruta.\u0026#xa0;Una comprobaci\\u00f3n insuficiente de la entrada en las API expuestas por el servidor de loklak permiti\\u00f3 una vulnerabilidad de salto de directorio.\u0026#xa0;Cualquier configuraci\\u00f3n del administrador y los archivos legibles por la aplicaci\\u00f3n disponibles en el sistema de archivos alojados pueden ser recuperados por el atacante.\u0026#xa0;Adem\\u00e1s, el contenido controlado por el usuario podr\\u00eda escribirse en cualquier configuraci\\u00f3n de administrador y archivos legibles por la aplicaci\\u00f3n.\u0026#xa0;Esto ha sido parcheado en el commit 50dd692.\u0026#xa0;Los usuarios deber\\u00e1n actualizar sus instancias alojadas de loklak para no ser vulnerables a esta explotaci\\u00f3n\"}]",
      "id": "CVE-2020-15097",
      "lastModified": "2024-11-21T05:04:48.143",
      "metrics": "{\"cvssMetricV31\": [{\"source\": \"security-advisories@github.com\", \"type\": \"Secondary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N\", \"baseScore\": 9.1, \"baseSeverity\": \"CRITICAL\", \"attackVector\": \"NETWORK\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"NONE\", \"userInteraction\": \"NONE\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"HIGH\", \"integrityImpact\": \"HIGH\", \"availabilityImpact\": \"NONE\"}, \"exploitabilityScore\": 3.9, \"impactScore\": 5.2}, {\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N\", \"baseScore\": 9.1, \"baseSeverity\": \"CRITICAL\", \"attackVector\": \"NETWORK\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"NONE\", \"userInteraction\": \"NONE\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"HIGH\", \"integrityImpact\": \"HIGH\", \"availabilityImpact\": \"NONE\"}, \"exploitabilityScore\": 3.9, \"impactScore\": 5.2}], \"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:N/AC:L/Au:N/C:P/I:P/A:N\", \"baseScore\": 6.4, \"accessVector\": \"NETWORK\", \"accessComplexity\": \"LOW\", \"authentication\": \"NONE\", \"confidentialityImpact\": \"PARTIAL\", \"integrityImpact\": \"PARTIAL\", \"availabilityImpact\": \"NONE\"}, \"baseSeverity\": \"MEDIUM\", \"exploitabilityScore\": 10.0, \"impactScore\": 4.9, \"acInsufInfo\": false, \"obtainAllPrivilege\": false, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": false}]}",
      "published": "2021-02-02T18:15:11.420",
      "references": "[{\"url\": \"https://github.com/loklak/loklak_server/commit/50dd69230d3cd71dab0bfa7156682ffeca8ed8b9\", \"source\": \"security-advisories@github.com\", \"tags\": [\"Patch\", \"Third Party Advisory\"]}, {\"url\": \"https://github.com/loklak/loklak_server/security/advisories/GHSA-7557-4v29-rqw6\", \"source\": \"security-advisories@github.com\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://github.com/loklak/loklak_server/commit/50dd69230d3cd71dab0bfa7156682ffeca8ed8b9\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Patch\", \"Third Party Advisory\"]}, {\"url\": \"https://github.com/loklak/loklak_server/security/advisories/GHSA-7557-4v29-rqw6\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}]",
      "sourceIdentifier": "security-advisories@github.com",
      "vulnStatus": "Modified",
      "weaknesses": "[{\"source\": \"security-advisories@github.com\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-22\"}]}]"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2020-15097\",\"sourceIdentifier\":\"security-advisories@github.com\",\"published\":\"2021-02-02T18:15:11.420\",\"lastModified\":\"2024-11-21T05:04:48.143\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"loklak is an open-source server application which is able to collect messages from various sources, including twitter. The server contains a search index and a peer-to-peer index sharing interface. All messages are stored in an elasticsearch index. In loklak less than or equal to commit 5f48476, a path traversal vulnerability exists. Insufficient input validation in the APIs exposed by the loklak server allowed a directory traversal vulnerability. Any admin configuration and files readable by the app available on the hosted file system can be retrieved by the attacker. Furthermore, user-controlled content could be written to any admin config and files readable by the application. This has been patched in commit 50dd692. Users will need to upgrade their hosted instances of loklak to not be vulnerable to this exploit.\"},{\"lang\":\"es\",\"value\":\"loklak es una aplicaci\u00f3n de servidor de c\u00f3digo abierto que puede recopilar mensajes de varias fuentes, incluyendo Twitter.\u0026#xa0;El servidor contiene un \u00edndice de b\u00fasqueda y una interfaz de intercambio de \u00edndices de igual a igual.\u0026#xa0;Todos los mensajes son almacenados en un \u00edndice elasticsearch.\u0026#xa0;En loklak menor o igual al commit 5f48476, se presenta una vulnerabilidad de salto de ruta.\u0026#xa0;Una comprobaci\u00f3n insuficiente de la entrada en las API expuestas por el servidor de loklak permiti\u00f3 una vulnerabilidad de salto de directorio.\u0026#xa0;Cualquier configuraci\u00f3n del administrador y los archivos legibles por la aplicaci\u00f3n disponibles en el sistema de archivos alojados pueden ser recuperados por el atacante.\u0026#xa0;Adem\u00e1s, el contenido controlado por el usuario podr\u00eda escribirse en cualquier configuraci\u00f3n de administrador y archivos legibles por la aplicaci\u00f3n.\u0026#xa0;Esto ha sido parcheado en el commit 50dd692.\u0026#xa0;Los usuarios deber\u00e1n actualizar sus instancias alojadas de loklak para no ser vulnerables a esta explotaci\u00f3n\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"security-advisories@github.com\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N\",\"baseScore\":9.1,\"baseSeverity\":\"CRITICAL\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"NONE\"},\"exploitabilityScore\":3.9,\"impactScore\":5.2},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N\",\"baseScore\":9.1,\"baseSeverity\":\"CRITICAL\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"NONE\"},\"exploitabilityScore\":3.9,\"impactScore\":5.2}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:L/Au:N/C:P/I:P/A:N\",\"baseScore\":6.4,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"PARTIAL\",\"integrityImpact\":\"PARTIAL\",\"availabilityImpact\":\"NONE\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":10.0,\"impactScore\":4.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"security-advisories@github.com\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-22\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:loklak_project:loklak:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"2020-01-22\",\"matchCriteriaId\":\"80F8E47F-4BA9-44F2-9E37-1DCF5C87E690\"}]}]}],\"references\":[{\"url\":\"https://github.com/loklak/loklak_server/commit/50dd69230d3cd71dab0bfa7156682ffeca8ed8b9\",\"source\":\"security-advisories@github.com\",\"tags\":[\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://github.com/loklak/loklak_server/security/advisories/GHSA-7557-4v29-rqw6\",\"source\":\"security-advisories@github.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://github.com/loklak/loklak_server/commit/50dd69230d3cd71dab0bfa7156682ffeca8ed8b9\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://github.com/loklak/loklak_server/security/advisories/GHSA-7557-4v29-rqw6\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]}]}}"
  }
}


Sightings

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
