7.1

CVE-2021-32557

Exploit

It was discovered that the process_report() function in data/whoopsie-upload-all allowed arbitrary file writes via symlinks.

Data is provided by the National Vulnerability Database (NVD)
CanonicalApport Version >= 2.14.1-0ubuntu3 < 2.14.1-0ubuntu3.29\+esm7
CanonicalApport Version >= 2.20.1 < 2.20.1-0ubuntu2.30\+esm1
CanonicalApport Version >= 2.20.9 < 2.20.9-0ubuntu7.24
CanonicalApport Version >= 2.20.11-0ubuntu27 < 2.20.11-0ubuntu27.18
CanonicalApport Version >= 2.20.11-0ubuntu50 < 2.20.11-0ubuntu50.7
CanonicalApport Version >= 2.20.11-0ubuntu65 < 2.20.11-0ubuntu65.1
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
EPSS Metriken
Type Source Score Percentile
EPSS FIRST.org 0.06% 0.147
CVSS Metriken
Source Base Score Exploit Score Impact Score Vector string
nvd@nist.gov 7.1 1.8 5.2
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H
nvd@nist.gov 3.6 3.9 4.9
AV:L/AC:L/Au:N/C:N/I:P/A:P
security@ubuntu.com 5.2 2 2.7
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:L/A:L
CWE-59 Improper Link Resolution Before File Access ('Link Following')

The product attempts to access a file based on the filename, but it does not properly prevent that filename from identifying a link or shortcut that resolves to an unintended resource.

CWE-61 UNIX Symbolic Link (Symlink) Following

The product, when opening a file or directory, does not sufficiently account for when the file is a symbolic link that resolves to a target outside of the intended control sphere. This could allow an attacker to cause the product to operate on unauthorized files.