1610877 – (CVE-2018-14335) CVE-2018-14335 h2: Information Exposure due to insecure handling of permissions in the backup

Bug 1610877 (CVE-2018-14335) - CVE-2018-14335 h2: Information Exposure due to insecure handling of permissions in the backup

Summary: CVE-2018-14335 h2: Information Exposure due to insecure handling of permissio...

Keywords:
Status:	CLOSED ERRATA
Alias:	CVE-2018-14335
Product:	Security Response
Classification:	Other
Component:	vulnerability
Sub Component:
Version:	unspecified
Hardware:	All
OS:	Linux
Priority:	medium
Severity:	medium
Target Milestone:	---
Assignee:	Red Hat Product Security
QA Contact:
Docs Contact:
URL:
Whiteboard:
Depends On:	1610878 1611416 1611418 1611419 1611420 1611422
Blocks:	1610880
TreeView+	depends on / blocked

Reported:	2018-08-01 14:34 UTC by Laura Pardo
Modified:	2020-12-17 09:40 UTC (History)
CC List:	70 users (show)
Fixed In Version:
Doc Type:	If docs needed, set a value
Doc Text:
Clone Of:
Environment:
Last Closed:	2020-03-05 16:31:45 UTC
Embargoed:

Attachments	(Terms of Use)

Links
System	ID	Private	Priority	Status	Summary	Last Updated
Red Hat Product Errata	RHSA-2020:0727	0	None	None	None	2020-03-05 12:53:46 UTC

Description Laura Pardo 2018-08-01 14:34:58 UTC

An issue was discovered in H2 1.4.197. Insecure handling of permissions in the backup function allows attackers to read sensitive files (outside of their permissions) via a symlink to a fake database file.


References:
https://gist.github.com/owodelta/9714faf9a86435cef5a99d4930eaee20

Comment 1 Laura Pardo 2018-08-01 14:35:51 UTC

Created h2 tracking bugs for this issue:

Affects: fedora-all [bug 1610878]

Comment 6 Joshua Padman 2019-05-15 22:57:52 UTC

This vulnerability is out of security support scope for the following products:
 * Red Hat JBoss Fuse 6
 * Red Hat JBoss Fuse Service Works 6
 * Red Hat JBoss Operations Network 3
 * Red Hat JBoss SOA Platform 5
 * Red Hat JBoss BRMS 5
 * Red Hat JBoss Data Virtualization & Services 6
 * Red Hat JBoss BRMS 6

Please refer to https://access.redhat.com/support/policy/updates/jboss_notes for more details.

Comment 10 errata-xmlrpc 2020-03-05 12:53:43 UTC

This issue has been addressed in the following products:

  Red Hat Data Grid 7.3.3

Via RHSA-2020:0727 https://access.redhat.com/errata/RHSA-2020:0727

Comment 11 Product Security DevOps Team 2020-03-05 16:31:45 UTC

This bug is now closed. Further updates for individual products will be reflected on the CVE page(s):

https://access.redhat.com/security/cve/cve-2018-14335

Note You need to log in before you can comment on or make changes to this bug.

aileenc
akurtako
alazarot
anstephe
apevec
bmaxwell
caniszczyk
cdewolf
chazlett
chrisw
csutherl
darran.lofthouse
dimitris
dosoudil
drieden
etirelli
fgavrilo
gvarsami
ibek
jawilson
jcoleman
jjoyce
jolee
jondruse
jschatte
jschluet
jshepherd
jstastny
kbasil
kconner
krathod
kverlaen
ldimaggi
lef
lgao
lhh
loleary
lpeer
markmc
mburns
mkolesni
myarboro
nwallace
paradhya
pdrozd
pgier
ppalaga
pslavice
psotirop
rbryant
rnetuka
rrajasek
rstancel
rsvoboda
rsynek
rwagner
rzhang
sclewis
sdaley
slinaber
spinder
sstavrev
sthorger
tcunning
tdecacqu
theute
tkirby
twalsh
vhalbert
vtunka