CVE-2021-21430 - Vulnerability Details

Vendors	Products
Openapi-generator	Openapi Generator

Link	Providers
https://github.com/OpenAPITools/openapi-generator/pull/8787
https://github.com/OpenAPITools/openapi-generator/pull/8791
https://github.com/OpenAPITools/openapi-generator/security/advisories/GHSA-cqxr-xf2w-943w

{"containers": {"cna": {"affected": [{"product": "openapi-generator", "vendor": "OpenAPITools", "versions": [{"status": "affected", "version": "< 5.1.0"}]}], "descriptions": [{"lang": "en", "value": "OpenAPI Generator allows generation of API client libraries (SDK generation), server stubs, documentation and configuration automatically given an OpenAPI Spec. Using `File.createTempFile` in JDK will result in creating and using insecure temporary files that can leave application and system data vulnerable to attacks. Auto-generated code (Java, Scala) that deals with uploading or downloading binary data through API endpoints will create insecure temporary files during the process. Affected generators: `java` (jersey2, okhttp-gson (default library)), `scala-finch`. The issue has been patched with `Files.createTempFile` and released in the v5.1.0 stable version."}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "NONE", "baseScore": 6.2, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.1"}}], "problemTypes": [{"descriptions": [{"cweId": "CWE-269", "description": "CWE-269: Improper Privilege Management", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"dateUpdated": "2021-05-10T19:25:12", "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M"}, "references": [{"tags": ["x_refsource_CONFIRM"], "url": "https://github.com/OpenAPITools/openapi-generator/security/advisories/GHSA-cqxr-xf2w-943w"}, {"tags": ["x_refsource_MISC"], "url": "https://github.com/OpenAPITools/openapi-generator/pull/8791"}, {"tags": ["x_refsource_MISC"], "url": "https://github.com/OpenAPITools/openapi-generator/pull/8787"}], "source": {"advisory": "GHSA-cqxr-xf2w-943w", "discovery": "UNKNOWN"}, "title": "Creation of Temporary File in Directory with Insecure Permissions in auto-generated Java, Scala code", "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "[email protected]", "ID": "CVE-2021-21430", "STATE": "PUBLIC", "TITLE": "Creation of Temporary File in Directory with Insecure Permissions in auto-generated Java, Scala code"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "openapi-generator", "version": {"version_data": [{"version_value": "< 5.1.0"}]}}]}, "vendor_name": "OpenAPITools"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "OpenAPI Generator allows generation of API client libraries (SDK generation), server stubs, documentation and configuration automatically given an OpenAPI Spec. Using `File.createTempFile` in JDK will result in creating and using insecure temporary files that can leave application and system data vulnerable to attacks. Auto-generated code (Java, Scala) that deals with uploading or downloading binary data through API endpoints will create insecure temporary files during the process. Affected generators: `java` (jersey2, okhttp-gson (default library)), `scala-finch`. The issue has been patched with `Files.createTempFile` and released in the v5.1.0 stable version."}]}, "impact": {"cvss": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "NONE", "baseScore": 6.2, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.1"}}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "CWE-269: Improper Privilege Management"}]}]}, "references": {"reference_data": [{"name": "https://github.com/OpenAPITools/openapi-generator/security/advisories/GHSA-cqxr-xf2w-943w", "refsource": "CONFIRM", "url": "https://github.com/OpenAPITools/openapi-generator/security/advisories/GHSA-cqxr-xf2w-943w"}, {"name": "https://github.com/OpenAPITools/openapi-generator/pull/8791", "refsource": "MISC", "url": "https://github.com/OpenAPITools/openapi-generator/pull/8791"}, {"name": "https://github.com/OpenAPITools/openapi-generator/pull/8787", "refsource": "MISC", "url": "https://github.com/OpenAPITools/openapi-generator/pull/8787"}]}, "source": {"advisory": "GHSA-cqxr-xf2w-943w", "discovery": "UNKNOWN"}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-03T18:09:16.157Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://github.com/OpenAPITools/openapi-generator/security/advisories/GHSA-cqxr-xf2w-943w"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://github.com/OpenAPITools/openapi-generator/pull/8791"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://github.com/OpenAPITools/openapi-generator/pull/8787"}]}]}, "cveMetadata": {"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "assignerShortName": "GitHub_M", "cveId": "CVE-2021-21430", "datePublished": "2021-05-10T19:25:12", "dateReserved": "2020-12-22T00:00:00", "dateUpdated": "2024-08-03T18:09:16.157Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:openapi-generator:openapi_generator:*:*:*:*:*:*:*:*", "matchCriteriaId": "F00E0479-8B4E-4665-B09B-096E44C97DC2", "versionEndExcluding": "5.1.1", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "OpenAPI Generator allows generation of API client libraries (SDK generation), server stubs, documentation and configuration automatically given an OpenAPI Spec. Using `File.createTempFile` in JDK will result in creating and using insecure temporary files that can leave application and system data vulnerable to attacks. Auto-generated code (Java, Scala) that deals with uploading or downloading binary data through API endpoints will create insecure temporary files during the process. Affected generators: `java` (jersey2, okhttp-gson (default library)), `scala-finch`. The issue has been patched with `Files.createTempFile` and released in the v5.1.0 stable version."}, {"lang": "es", "value": "OpenAPI Generator permite la generaci\u00f3n de bibliotecas de cliente API (generaci\u00f3n de SDK), stubs de servidor, documentaci\u00f3n y configuraci\u00f3n de forma autom\u00e1tica dada una especificaci\u00f3n de OpenAPI. El uso de \"File.createTempFile\" en JDK dar\u00e1 como resultado la creaci\u00f3n y el uso de archivos temporales no seguros que pueden dejar la aplicaci\u00f3n y los datos del sistema vulnerables a los ataques. El c\u00f3digo generado autom\u00e1ticamente (Java, Scala) que se ocupa de cargar o descargar datos binarios por medio de los endpoints de la API crear\u00e1 archivos temporales no seguros durante el proceso. Generadores afectados: \"java\" (jersey2, okhttp-gson (biblioteca predeterminada)),\"scala-finch\". El problema se corrigi\u00f3 con \"Files.createTempFile\" y se lanz\u00f3 en la versi\u00f3n estable v5.1.0"}], "id": "CVE-2021-21430", "lastModified": "2024-11-21T05:48:20.747", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "LOW", "cvssData": {"accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 2.1, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0"}, "exploitabilityScore": 3.9, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "[email protected]", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "NONE", "baseScore": 6.2, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.1"}, "exploitabilityScore": 2.5, "impactScore": 3.6, "source": "[email protected]", "type": "Secondary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "NONE", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 3.6, "source": "[email protected]", "type": "Primary"}]}, "published": "2021-05-10T20:15:07.840", "references": [{"source": "[email protected]", "tags": ["Patch", "Third Party Advisory"], "url": "https://github.com/OpenAPITools/openapi-generator/pull/8787"}, {"source": "[email protected]", "tags": ["Patch", "Third Party Advisory"], "url": "https://github.com/OpenAPITools/openapi-generator/pull/8791"}, {"source": "[email protected]", "tags": ["Exploit", "Third Party Advisory"], "url": "https://github.com/OpenAPITools/openapi-generator/security/advisories/GHSA-cqxr-xf2w-943w"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch", "Third Party Advisory"], "url": "https://github.com/OpenAPITools/openapi-generator/pull/8787"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch", "Third Party Advisory"], "url": "https://github.com/OpenAPITools/openapi-generator/pull/8791"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Exploit", "Third Party Advisory"], "url": "https://github.com/OpenAPITools/openapi-generator/security/advisories/GHSA-cqxr-xf2w-943w"}], "sourceIdentifier": "[email protected]", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-269"}], "source": "[email protected]", "type": "Secondary"}, {"description": [{"lang": "en", "value": "CWE-668"}], "source": "[email protected]", "type": "Primary"}]}

Metrics

Attack Vector Local

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact None

Availability Impact None

User Interaction None

Access Vector Local

Access Complexity Low

Authentication None

Confidentiality Impact Partial

Integrity Impact None

Availability Impact None

Affected Vendors & Products

Metrics

Attack Vector Local

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact None

Availability Impact None

User Interaction None

Access Vector Local

Access Complexity Low

Authentication None

Confidentiality Impact Partial

Integrity Impact None

Availability Impact None

Affected Vendors & Products

JSON object

JSON object

JSON object

JSON object