cnvd - cnvd-2020-29366

cnvd-2020-29366

Vulnerability from cnvd

Title: Apache RocketMQ路径遍历漏洞

Description:

Apache RocketMQ是美国阿帕奇软件（Apache Software）基金会的一款轻量级的数据处理平台和消息传递引擎。

Apache RocketMQ 4.2.0版本至4.6.0版本中存在路径遍历漏洞。攻击者可利用该漏洞在父目录中创建主体文件夹。

Severity: 中

Patch Name: Apache RocketMQ路径遍历漏洞的补丁

Patch Description:

Apache RocketMQ是美国阿帕奇软件（Apache Software）基金会的一款轻量级的数据处理平台和消息传递引擎。

Apache RocketMQ 4.2.0版本至4.6.0版本中存在路径遍历漏洞。攻击者可利用该漏洞在父目录中创建主体文件夹。目前，供应商发布了安全公告及相关补丁信息，修复了此漏洞。

Formal description:

目前厂商已发布升级补丁以修复漏洞，详情请关注厂商主页： https://www.apache.org/

Reference: https://nvd.nist.gov/vuln/detail/CVE-2019-17572

Impacted products

Name
Apache RocketMQ >=4.2.0，<=4.6.0

Show details on source website

JSON

To clipboard

{
  "cves": {
    "cve": {
      "cveNumber": "CVE-2019-17572"
    }
  },
  "description": "Apache RocketMQ\u662f\u7f8e\u56fd\u963f\u5e15\u5947\u8f6f\u4ef6\uff08Apache Software\uff09\u57fa\u91d1\u4f1a\u7684\u4e00\u6b3e\u8f7b\u91cf\u7ea7\u7684\u6570\u636e\u5904\u7406\u5e73\u53f0\u548c\u6d88\u606f\u4f20\u9012\u5f15\u64ce\u3002\n\nApache RocketMQ 4.2.0\u7248\u672c\u81f34.6.0\u7248\u672c\u4e2d\u5b58\u5728\u8def\u5f84\u904d\u5386\u6f0f\u6d1e\u3002\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u5728\u7236\u76ee\u5f55\u4e2d\u521b\u5efa\u4e3b\u4f53\u6587\u4ef6\u5939\u3002",
  "formalWay": "\u76ee\u524d\u5382\u5546\u5df2\u53d1\u5e03\u5347\u7ea7\u8865\u4e01\u4ee5\u4fee\u590d\u6f0f\u6d1e\uff0c\u8be6\u60c5\u8bf7\u5173\u6ce8\u5382\u5546\u4e3b\u9875\uff1a\r\nhttps://www.apache.org/",
  "isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
  "number": "CNVD-2020-29366",
  "openTime": "2020-05-21",
  "patchDescription": "Apache RocketMQ\u662f\u7f8e\u56fd\u963f\u5e15\u5947\u8f6f\u4ef6\uff08Apache Software\uff09\u57fa\u91d1\u4f1a\u7684\u4e00\u6b3e\u8f7b\u91cf\u7ea7\u7684\u6570\u636e\u5904\u7406\u5e73\u53f0\u548c\u6d88\u606f\u4f20\u9012\u5f15\u64ce\u3002\r\n\r\nApache RocketMQ 4.2.0\u7248\u672c\u81f34.6.0\u7248\u672c\u4e2d\u5b58\u5728\u8def\u5f84\u904d\u5386\u6f0f\u6d1e\u3002\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u5728\u7236\u76ee\u5f55\u4e2d\u521b\u5efa\u4e3b\u4f53\u6587\u4ef6\u5939\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
  "patchName": "Apache RocketMQ\u8def\u5f84\u904d\u5386\u6f0f\u6d1e\u7684\u8865\u4e01",
  "products": {
    "product": "Apache RocketMQ \u003e=4.2.0\uff0c\u003c=4.6.0"
  },
  "referenceLink": "https://nvd.nist.gov/vuln/detail/CVE-2019-17572",
  "serverity": "\u4e2d",
  "submitTime": "2020-05-15",
  "title": "Apache RocketMQ\u8def\u5f84\u904d\u5386\u6f0f\u6d1e"
}

CVE-2019-17572 (GCVE-0-2019-17572)

Vulnerability from cvelistv5

Published

2020-05-14 16:10

Modified

2024-08-05 01:40

Severity ?

CWE

Directory Traversal (Local File Inclusion)

Summary

In Apache RocketMQ 4.2.0 to 4.6.0, when the automatic topic creation in the broker is turned on by default, an evil topic like “../../../../topic2020” is sent from rocketmq-client to the broker, a topic folder will be created in the parent directory in brokers, which leads to a directory traversal vulnerability. Users of the affected versions should apply one of the following: Upgrade to Apache RocketMQ 4.6.1 or later.

References

▼	URL	Tags
	https://lists.apache.org/thread.html/fdea1c5407da47a17d5522fa149a097cacded1916c1c1534d46edc6d%40%3Cprivate.rocketmq.apache.org%3E	x_refsource_MISC
	https://seclists.org/oss-sec/2020/q2/112	x_refsource_MISC

Impacted products

	Vendor	Product	Version
	n/a	Apache RocketMQ	Version: Apache RocketMQ 4.2.0 to 4.6.0

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T01:40:15.813Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://lists.apache.org/thread.html/fdea1c5407da47a17d5522fa149a097cacded1916c1c1534d46edc6d%40%3Cprivate.rocketmq.apache.org%3E"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://seclists.org/oss-sec/2020/q2/112"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Apache RocketMQ",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "Apache RocketMQ 4.2.0 to 4.6.0"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In Apache RocketMQ 4.2.0 to 4.6.0, when the automatic topic creation in the broker is turned on by default, an evil topic like \u201c../../../../topic2020\u201d is sent from rocketmq-client to the broker, a topic folder will be created in the parent directory in brokers, which leads to a directory traversal vulnerability. Users of the affected versions should apply one of the following: Upgrade to Apache RocketMQ 4.6.1 or later."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "Directory Traversal (Local File Inclusion)",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2020-05-14T16:10:48",
        "orgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
        "shortName": "apache"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://lists.apache.org/thread.html/fdea1c5407da47a17d5522fa149a097cacded1916c1c1534d46edc6d%40%3Cprivate.rocketmq.apache.org%3E"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://seclists.org/oss-sec/2020/q2/112"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "security@apache.org",
          "ID": "CVE-2019-17572",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Apache RocketMQ",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "Apache RocketMQ 4.2.0 to 4.6.0"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "In Apache RocketMQ 4.2.0 to 4.6.0, when the automatic topic creation in the broker is turned on by default, an evil topic like \u201c../../../../topic2020\u201d is sent from rocketmq-client to the broker, a topic folder will be created in the parent directory in brokers, which leads to a directory traversal vulnerability. Users of the affected versions should apply one of the following: Upgrade to Apache RocketMQ 4.6.1 or later."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "Directory Traversal (Local File Inclusion)"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://lists.apache.org/thread.html/fdea1c5407da47a17d5522fa149a097cacded1916c1c1534d46edc6d%40%3Cprivate.rocketmq.apache.org%3E",
              "refsource": "MISC",
              "url": "https://lists.apache.org/thread.html/fdea1c5407da47a17d5522fa149a097cacded1916c1c1534d46edc6d%40%3Cprivate.rocketmq.apache.org%3E"
            },
            {
              "name": "https://seclists.org/oss-sec/2020/q2/112",
              "refsource": "MISC",
              "url": "https://seclists.org/oss-sec/2020/q2/112"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
    "assignerShortName": "apache",
    "cveId": "CVE-2019-17572",
    "datePublished": "2020-05-14T16:10:48",
    "dateReserved": "2019-10-14T00:00:00",
    "dateUpdated": "2024-08-05T01:40:15.813Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
Confirmed: The vulnerability is confirmed from an analyst perspective.
Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
Patched: This vulnerability was successfully patched by the user reporting the sighting.
Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
Not confirmed: The user expresses doubt about the veracity of the vulnerability.
Not patched: This vulnerability was not successfully patched by the user reporting the sighting.

Action not permitted