PT-2020-5497 · Eclipse · Eclipse Jetty
Published: 2020-10-23 · Updated: 2022-03-01 · CVE-2020-27216
CVSS v3.1: 7.0 (High)
| Vector | AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
Eclipse Jetty versions 1.0 through 9.4.32.v20200930
Eclipse Jetty versions 10.0.0.alpha1 through 10.0.0.beta2
Eclipse Jetty versions 11.0.0.alpha1 through 11.0.0.beta2
Description
The issue is the creation of temporary directories with insecure permissions in the Eclipse Jetty servlet container. On Unix-like systems the system temporary directory is shared between all users, so a co-located local user can observe Jetty's temporary subdirectory being created and potentially race to complete its creation first. If the attacker succeeds, they hold read and write permission on the subdirectory used to unpack web applications, including their WEB-INF/lib jar files and JSP files. This can lead to local privilege escalation if any code is executed out of this temporary directory.
Recommendations
For Eclipse Jetty versions 1.0 through 9.4.32.v20200930, consider updating to a version that fixes the issue.
For Eclipse Jetty versions 10.0.0.alpha1 through 10.0.0.beta2, consider updating to a version that fixes the issue.
For Eclipse Jetty versions 11.0.0.alpha1 through 11.0.0.beta2, consider updating to a version that fixes the issue.
As a temporary workaround, consider restricting access to the temporary directory to minimize the risk of exploitation.
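The workaround above amounts to giving Jetty a work directory that is not shared with other local users. The following script is an added example, not part of the advisory or the Jetty project: it creates such a directory with mode 0700 set atomically at creation time and then audits it (exists, is not a symlink, owned by the calling user, no group/other permissions). It assumes GNU coreutils (`stat -c`) and a POSIX shell; the directory path and the `JETTY_HOME` variable in the usage comment are placeholders. Pointing Jetty at the directory via the standard JVM property `-Djava.io.tmpdir` is shown in the comment at the end.

```shell
#!/bin/sh
# Added example (not from the advisory or the Jetty project): replace the
# shared system temp directory with a private work directory for Jetty.
# Assumes GNU coreutils for `stat -c`; adjust for BSD/macOS stat.

# Create the directory with the final mode applied at creation, so there is
# no window in which another local user could see or enter it.
# Fails if the path already exists, which is the safe outcome: a pre-existing
# directory might belong to someone else.
make_private_workdir() {
    dir="$1"
    if [ -e "$dir" ]; then
        echo "refusing to reuse existing path: $dir" >&2
        return 1
    fi
    mkdir -m 0700 "$dir" || return 1
}

# Audit a work directory before starting the container. Returns 0 only if the
# directory is a real directory (not a symlink), owned by the current user,
# and grants no permissions at all to group or others.
check_private_workdir() {
    dir="$1"
    if [ -L "$dir" ]; then
        echo "symlink, not a directory: $dir" >&2
        return 1
    fi
    if [ ! -d "$dir" ]; then
        echo "missing directory: $dir" >&2
        return 1
    fi
    owner=$(stat -c '%u' "$dir") || return 1
    if [ "$owner" != "$(id -u)" ]; then
        echo "owned by uid $owner, expected $(id -u): $dir" >&2
        return 1
    fi
    mode=$(stat -c '%a' "$dir") || return 1
    case "$mode" in
        700) return 0 ;;
        *)
            echo "mode $mode on $dir is not 0700" >&2
            return 1
            ;;
    esac
}

# Usage (placeholders: /srv/jetty/work and $JETTY_HOME):
#   WORK=/srv/jetty/work
#   make_private_workdir "$WORK" && check_private_workdir "$WORK" \
#     && exec java -Djava.io.tmpdir="$WORK" -jar "$JETTY_HOME/start.jar"
```

Run the audit as the same account that starts Jetty, since the owner check compares against the caller's uid. Any re-creation on restart should go through `make_private_workdir` again rather than reusing whatever happens to be at the path, which is exactly the failure mode the advisory describes.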
Exploit · Fix · LPE · Files Accessible to External Parties
Related Identifiers
Affected Products
Alt Linux
Astra Linux
Eclipse Jetty