CVE-2024-29178 (GCVE-0-2024-29178)
Vulnerability from cvelistv5
Published
2024-07-18 11:15
Modified
2025-02-13 17:47
Severity ?
CWE
  • CWE-94 - Improper Control of Generation of Code ('Code Injection')
Summary
On versions before 2.1.4, a user could log in and perform a template injection attack resulting in Remote Code Execution on the server, The attacker must successfully log into the system to launch an attack, so this is a moderate-impact vulnerability. Mitigation: all users should upgrade to 2.1.4
References
security@apache.orghttp://www.openwall.com/lists/oss-security/2024/07/18/1Mailing List, Third Party Advisory
security@apache.orghttps://lists.apache.org/thread/n6dhnl68knpxy80t35qxkkw2691l8sfnMailing List, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.openwall.com/lists/oss-security/2024/07/18/1Mailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://lists.apache.org/thread/n6dhnl68knpxy80t35qxkkw2691l8sfnMailing List, Vendor Advisory
Impacted products
Vendor Product Version
Apache Software Foundation Apache StreamPark Version: 1.0.0   
Create a notification for this product.
Show details on NVD website

To clipboard 

{
  "containers": {
    "adp": [
      {
        "affected": [
          {
            "cpes": [
              "cpe:2.3:a:apache:streampark:1.0.0:-:*:*:*:*:*:*"
            ],
            "defaultStatus": "unaffected",
            "product": "streampark",
            "vendor": "apache",
            "versions": [
              {
                "lessThan": "2.1.4",
                "status": "affected",
                "version": "1.0.0",
                "versionType": "semver"
              }
            ]
          }
        ],
        "metrics": [
          {
            "cvssV3_1": {
              "attackComplexity": "LOW",
              "attackVector": "NETWORK",
              "availabilityImpact": "HIGH",
              "baseScore": 8.8,
              "baseSeverity": "HIGH",
              "confidentialityImpact": "HIGH",
              "integrityImpact": "HIGH",
              "privilegesRequired": "LOW",
              "scope": "UNCHANGED",
              "userInteraction": "NONE",
              "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
              "version": "3.1"
            }
          },
          {
            "other": {
              "content": {
                "id": "CVE-2024-29178",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-07-18T13:21:44.462964Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-07-18T13:37:53.581Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T01:10:54.085Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "https://lists.apache.org/thread/n6dhnl68knpxy80t35qxkkw2691l8sfn"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2024/07/18/1"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Apache StreamPark",
          "vendor": "Apache Software Foundation",
          "versions": [
            {
              "lessThan": "2.1.4",
              "status": "affected",
              "version": "1.0.0",
              "versionType": "semver"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "reporter",
          "value": "L0ne1y"
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eOn versions before 2.1.4, a user could log in and perform a template injection attack resulting in Remote Code Execution on the server,\u0026nbsp;The attacker must successfully log into the system to launch an attack, so this is a moderate-impact vulnerability.\u003cbr\u003e\u003c/span\u003e\u003cbr\u003e\u003cbr\u003e\u003cdiv\u003eMitigation:\u003cbr\u003e\u003cbr\u003e\u003c/div\u003eall users \u003cspan style=\"background-color: var(--wht);\"\u003eshould upgrade to 2.1.4\u003c/span\u003e\u003cbr\u003e\u003cbr\u003e"
            }
          ],
          "value": "On versions before 2.1.4, a user could log in and perform a template injection attack resulting in Remote Code Execution on the server,\u00a0The attacker must successfully log into the system to launch an attack, so this is a moderate-impact vulnerability.\n\nMitigation:\n\nall users should upgrade to 2.1.4"
        }
      ],
      "metrics": [
        {
          "other": {
            "content": {
              "text": "moderate"
            },
            "type": "Textual description of severity"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-94",
              "description": "CWE-94 Improper Control of Generation of Code (\u0027Code Injection\u0027)",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-07-18T11:20:07.243Z",
        "orgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
        "shortName": "apache"
      },
      "references": [
        {
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://lists.apache.org/thread/n6dhnl68knpxy80t35qxkkw2691l8sfn"
        },
        {
          "url": "http://www.openwall.com/lists/oss-security/2024/07/18/1"
        }
      ],
      "source": {
        "discovery": "UNKNOWN"
      },
      "title": "Apache StreamPark: FreeMarker SSTI RCE Vulnerability",
      "x_generator": {
        "engine": "Vulnogram 0.1.0-dev"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
    "assignerShortName": "apache",
    "cveId": "CVE-2024-29178",
    "datePublished": "2024-07-18T11:15:56.706Z",
    "dateReserved": "2024-03-18T16:34:46.011Z",
    "dateUpdated": "2025-02-13T17:47:39.338Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "nvd": "{\"cve\":{\"id\":\"CVE-2024-29178\",\"sourceIdentifier\":\"security@apache.org\",\"published\":\"2024-07-18T12:15:02.960\",\"lastModified\":\"2025-02-13T18:17:50.040\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"On versions before 2.1.4, a user could log in and perform a template injection attack resulting in Remote Code Execution on the server,\u00a0The attacker must successfully log into the system to launch an attack, so this is a moderate-impact vulnerability.\\n\\nMitigation:\\n\\nall users should upgrade to 2.1.4\"},{\"lang\":\"es\",\"value\":\"En versiones anteriores a la 2.1.4, un usuario pod\u00eda iniciar sesi\u00f3n y realizar un ataque de inyecci\u00f3n de plantilla que generaba una ejecuci\u00f3n remota de c\u00f3digo en el servidor. El atacante deb\u00eda iniciar sesi\u00f3n correctamente en el sistema para lanzar un ataque, por lo que se trata de una vulnerabilidad de impacto moderado. Mitigaci\u00f3n: todos los usuarios deben actualizar a 2.1.4\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\",\"baseScore\":8.8,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":2.8,\"impactScore\":5.9},{\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\",\"baseScore\":8.8,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":2.8,\"impactScore\":5.9}]},\"weaknesses\":[{\"source\":\"security@apache.org\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-94\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:streampark:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"2.1.4\",\"matchCriteriaId\":\"43F40411-3380-4B0F-BA0D-18C85BD8C615\"}]}]}],\"references\":[{\"url\":\"http://www.openwall.com/lists/oss-security/2024/07/18/1\",\"source\":\"security@apache.org\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://lists.apache.org/thread/n6dhnl68knpxy80t35qxkkw2691l8sfn\",\"source\":\"security@apache.org\",\"tags\":[\"Mailing List\",\"Vendor Advisory\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2024/07/18/1\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://lists.apache.org/thread/n6dhnl68knpxy80t35qxkkw2691l8sfn\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Vendor Advisory\"]}]}}",
    "vulnrichment": {
      "containers": "{\"adp\": [{\"title\": \"CVE Program Container\", \"references\": [{\"url\": \"https://lists.apache.org/thread/n6dhnl68knpxy80t35qxkkw2691l8sfn\", \"tags\": [\"vendor-advisory\", \"x_transferred\"]}, {\"url\": \"http://www.openwall.com/lists/oss-security/2024/07/18/1\", \"tags\": [\"x_transferred\"]}], \"providerMetadata\": {\"orgId\": \"af854a3a-2127-422b-91ae-364da2661108\", \"shortName\": \"CVE\", \"dateUpdated\": \"2024-08-02T01:10:54.085Z\"}}, {\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"cvssV3_1\": {\"scope\": \"UNCHANGED\", \"version\": \"3.1\", \"baseScore\": 8.8, \"attackVector\": \"NETWORK\", \"baseSeverity\": \"HIGH\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\", \"integrityImpact\": \"HIGH\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"LOW\", \"availabilityImpact\": \"HIGH\", \"privilegesRequired\": \"LOW\", \"confidentialityImpact\": \"HIGH\"}}, {\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2024-29178\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"total\"}], \"version\": \"2.0.3\", \"timestamp\": \"2024-07-18T13:21:44.462964Z\"}}}], \"affected\": [{\"cpes\": [\"cpe:2.3:a:apache:streampark:1.0.0:-:*:*:*:*:*:*\"], \"vendor\": \"apache\", \"product\": \"streampark\", \"versions\": [{\"status\": \"affected\", \"version\": \"1.0.0\", \"lessThan\": \"2.1.4\", \"versionType\": \"semver\"}], \"defaultStatus\": \"unaffected\"}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2024-07-18T13:23:28.226Z\"}}], \"cna\": {\"title\": \"Apache StreamPark: FreeMarker SSTI RCE Vulnerability\", \"source\": {\"discovery\": \"UNKNOWN\"}, \"credits\": [{\"lang\": \"en\", \"type\": \"reporter\", \"value\": \"L0ne1y\"}], \"metrics\": [{\"other\": {\"type\": \"Textual description of severity\", \"content\": {\"text\": \"moderate\"}}}], \"affected\": [{\"vendor\": \"Apache Software Foundation\", \"product\": \"Apache StreamPark\", \"versions\": [{\"status\": \"affected\", \"version\": \"1.0.0\", \"lessThan\": \"2.1.4\", \"versionType\": \"semver\"}], \"defaultStatus\": \"unaffected\"}], \"references\": [{\"url\": \"https://lists.apache.org/thread/n6dhnl68knpxy80t35qxkkw2691l8sfn\", \"tags\": [\"vendor-advisory\"]}, {\"url\": \"http://www.openwall.com/lists/oss-security/2024/07/18/1\"}], \"x_generator\": {\"engine\": \"Vulnogram 0.1.0-dev\"}, \"descriptions\": [{\"lang\": \"en\", \"value\": \"On versions before 2.1.4, a user could log in and perform a template injection attack resulting in Remote Code Execution on the server,\\u00a0The attacker must successfully log into the system to launch an attack, so this is a moderate-impact vulnerability.\\n\\nMitigation:\\n\\nall users should upgrade to 2.1.4\\n\\n\", \"supportingMedia\": [{\"type\": \"text/html\", \"value\": \"\u003cspan style=\\\"background-color: rgb(255, 255, 255);\\\"\u003eOn versions before 2.1.4, a user could log in and perform a template injection attack resulting in Remote Code Execution on the server,\u0026nbsp;The attacker must successfully log into the system to launch an attack, so this is a moderate-impact vulnerability.\u003cbr\u003e\u003c/span\u003e\u003cbr\u003e\u003cbr\u003e\u003cdiv\u003eMitigation:\u003cbr\u003e\u003cbr\u003e\u003c/div\u003eall users \u003cspan style=\\\"background-color: var(--wht);\\\"\u003eshould upgrade to 2.1.4\u003c/span\u003e\u003cbr\u003e\u003cbr\u003e\", \"base64\": false}]}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-94\", \"description\": \"CWE-94 Improper Control of Generation of Code (\u0027Code Injection\u0027)\"}]}], \"providerMetadata\": {\"orgId\": \"f0158376-9dc2-43b6-827c-5f631a4d8d09\", \"shortName\": \"apache\", \"dateUpdated\": \"2024-07-18T11:15:56.706Z\"}}}",
      "cveMetadata": "{\"cveId\": \"CVE-2024-29178\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2024-08-02T01:10:54.085Z\", \"dateReserved\": \"2024-03-18T16:34:46.011Z\", \"assignerOrgId\": \"f0158376-9dc2-43b6-827c-5f631a4d8d09\", \"datePublished\": \"2024-07-18T11:15:56.706Z\", \"assignerShortName\": \"apache\"}",
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }
  }
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
  • Confirmed: The vulnerability is confirmed from an analyst perspective.
  • Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
  • Patched: This vulnerability was successfully patched by the user reporting the sighting.
  • Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
  • Not confirmed: The user expresses doubt about the veracity of the vulnerability.
  • Not patched: This vulnerability was not successfully patched by the user reporting the sighting.