Loading HuntDB...
Hunt
Vulnerability Intelligence by wss.sh
Home Daily Briefings High Impact CVEs Recent Exploits KEV Catalog Latest Updates Security News
Sign In Sign Up

CVE-2019-0214

UNKNOWN
Published 2019-04-30T21:48:54
Actions:
No CVSS data available

Description

In Apache Archiva 2.0.0 - 2.2.3, it is possible to write files to the archiva server at arbitrary locations by using the artifact upload mechanism. Existing files can be overwritten, if the archiva run user has appropriate permission on the filesystem for the target file.

Available Exploits

No exploits available for this CVE.

Related News

No news articles found for this CVE.

Affected Products

Apache

Apache Archiva

Affected Versions:

All versions prior to version 2.2.4

References

https://lists.apache.org/thread.html/239349b6dd8f66cf87a70c287b03af451dea158b776d3dfc550b4f0e%40%3Cusers.maven.apache.org%3E
https://lists.apache.org/thread.html/5851cb0214f22ba681fb445870eeb6b01afd1fb614e45a22978d7dda%40%3Cusers.archiva.apache.org%3E
https://seclists.org/bugtraq/2019/Apr/48
http://www.openwall.com/lists/oss-security/2019/04/30/8
http://packetstormsecurity.com/files/152684/Apache-Archiva-2.2.3-File-Write-Delete.html
http://archiva.apache.org/security.html#CVE-2019-0214
https://lists.apache.org/thread.html/ada0052409d8a4a8c4eb2c7fd6b9cd9423bc753d5fce87eb826662fb%40%3Cissues.archiva.apache.org%3E
http://www.securityfocus.com/bid/108124
https://lists.apache.org/thread.html/18b670afc2f83034f47ebeb2f797c350fe60f1f2b33c95b95f467ef8%40%3Cannounce.apache.org%3E
Published: 2019-04-30T21:48:54
Last Modified: 2024-08-04T17:44:14.813Z
Copied to clipboard!