#VU89531 Path traversal in uimaj - CVE-2022-32287

Cybersecurity Help s.r.o.

Published: 2024-05-15

Vulnerability identifier: #VU89531

Vulnerability risk: Medium

CVSSv4.0: 6.6 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N/E:U/U:Green]

CVE-ID: CVE-2022-32287

CWE-ID: CWE-22

Exploitation vector: Network

Exploit availability: No

Vulnerable software:
uimaj
Web applications / CMS

Vendor: Apache Foundation

Description

The vulnerability allows a remote attacker to perform directory traversal attacks.

The vulnerability exists in a FileUtil class used by the PEAR management component of Apache UIMAs. A remote attacker can create files outside the designated target directory using carefully crafted ZIP entry names.

Mitigation
Install updates from vendor's website.

Vulnerable software versions

uimaj: 2.1 - 3.3.0

External links
https://lists.apache.org/thread/57vk0d79j94d0lk0vol8xn935yv1shdd
https://www.openwall.com/lists/oss-security/2022/11/03/4

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

Latest bulletins with this vulnerability

Multiple vulnerabilities in IBM Robotic Process Automation for Cloud Pak

Multiple vulnerabilities in IBM Watson Assistant for IBM Cloud Pak for Data