PT-2018-11519 · Benoit Chesneau+2 · Unicorn+3

Published

2018-02-06

Updated

2018-03-13

CVE-2018-1299

CVSS v3.1

7.5

High

Vector

AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Name of the Vulnerable Software and Affected Versions Apache Allura versions prior to 1.8.0

Description The issue allows unauthenticated attackers to retrieve arbitrary files through the Allura web application. The success of the attack may depend on the web server used with Allura, with some configurations such as Nginx, Apache/mod wsgi, or paster potentially preventing the attack, while others like gunicorn do not prevent it.

Recommendations For Apache Allura versions prior to 1.8.0, update to version 1.8.0 or later to resolve the issue. As a temporary workaround, consider using a web server configuration that prevents the attack, such as Nginx, Apache/mod wsgi, or paster, until the update can be applied.

Fix

Path traversal

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-22

Related Identifiers

CVE-2018-1299

Affected Products

Apache

Apache Allura

Nginx

Unicorn

PT-2018-11519 · Benoit Chesneau+2 · Unicorn+3

CVE-2018-1299

Weakness Enumeration

Related Identifiers

Affected Products

References · 4