{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2014-12-23T00:00:00.000Z", "descriptions": [{"lang": "en", "value": "The UberFire Framework 0.3.x does not properly restrict paths, which allows remote attackers to (1) execute arbitrary code by uploading crafted content to FileUploadServlet or (2) read arbitrary files via vectors involving FileDownloadServlet."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2019-04-12T18:06:03.000Z", "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat"}, "references": [{"name": "RHSA-2015:0234", "tags": ["vendor-advisory", "x_refsource_REDHAT"], "url": "http://rhn.redhat.com/errata/RHSA-2015-0234.html"}, {"name": "RHSA-2015:0235", "tags": ["vendor-advisory", "x_refsource_REDHAT"], "url": "http://rhn.redhat.com/errata/RHSA-2015-0235.html"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://github.com/uberfire/uberfire/commit/21ec50eb15"}, {"name": "88199", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/88199"}]}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-06T13:10:50.634Z"}, "title": "CVE Program Container", "references": [{"name": "RHSA-2015:0234", "tags": ["vendor-advisory", "x_refsource_REDHAT", "x_transferred"], "url": "http://rhn.redhat.com/errata/RHSA-2015-0234.html"}, {"name": "RHSA-2015:0235", "tags": ["vendor-advisory", "x_refsource_REDHAT", "x_transferred"], "url": "http://rhn.redhat.com/errata/RHSA-2015-0235.html"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://github.com/uberfire/uberfire/commit/21ec50eb15"}, {"name": "88199", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/88199"}]}]}, "cveMetadata": {"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "assignerShortName": "redhat", "cveId": "CVE-2014-8114", "datePublished": "2015-02-20T16:00:00.000Z", "dateReserved": "2014-10-10T00:00:00.000Z", "dateUpdated": "2024-08-06T13:10:50.634Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:redhat:uberfire:0.3.0:*:*:*:*:*:*:*", "matchCriteriaId": "D77C7E1E-DEB1-4274-A24B-E6055DDA7B28", "vulnerable": true}, {"criteria": "cpe:2.3:a:redhat:uberfire:0.3.1:*:*:*:*:*:*:*", "matchCriteriaId": "93450F9F-B493-43B4-AA0B-4CFC560727A4", "vulnerable": true}, {"criteria": "cpe:2.3:a:redhat:uberfire:0.3.2:*:*:*:*:*:*:*", "matchCriteriaId": "3689A871-C3E5-47D5-8A57-45B6C3643704", "vulnerable": true}, {"criteria": "cpe:2.3:a:redhat:uberfire:0.3.3:*:*:*:*:*:*:*", "matchCriteriaId": "583BBDC5-EFB4-482C-94EC-E529AE938091", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "The UberFire Framework 0.3.x does not properly restrict paths, which allows remote attackers to (1) execute arbitrary code by uploading crafted content to FileUploadServlet or (2) read arbitrary files via vectors involving FileDownloadServlet."}, {"lang": "es", "value": "El Framework UberFire 0.3.x no restringe rutas correctamente, lo que permite a atacantes remotos (1) ejecutar c\u00f3digo arbitrario mediante la subida de un contenido manipulado en FileUploadServlet o (2) leer ficheros arbitrarios a trav\u00e9s de vectores que involucran FileDownloadServlet."}], "id": "CVE-2014-8114", "lastModified": "2025-04-12T10:46:40.837", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 8.6, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2015-02-20T16:59:02.430", "references": [{"source": "secalert@redhat.com", "tags": ["Vendor Advisory"], "url": "http://rhn.redhat.com/errata/RHSA-2015-0234.html"}, {"source": "secalert@redhat.com", "tags": ["Vendor Advisory"], "url": "http://rhn.redhat.com/errata/RHSA-2015-0235.html"}, {"source": "secalert@redhat.com", "url": "http://www.securityfocus.com/bid/88199"}, {"source": "secalert@redhat.com", "url": "https://github.com/uberfire/uberfire/commit/21ec50eb15"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "http://rhn.redhat.com/errata/RHSA-2015-0234.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "http://rhn.redhat.com/errata/RHSA-2015-0235.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/bid/88199"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://github.com/uberfire/uberfire/commit/21ec50eb15"}], "sourceIdentifier": "secalert@redhat.com", "vulnStatus": "Deferred", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-264"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{"acknowledgement": "Red Hat would like to thank David Jorm for reporting this issue.", "affected_release": [{"advisory": "RHSA-2015:0234", "cpe": "cpe:/a:redhat:jboss_bpms:6.0", "package": "uberfire", "product_name": "Red Hat JBoss BPMS 6.0", "release_date": "2015-02-17T00:00:00Z"}, {"advisory": "RHSA-2015:0235", "cpe": "cpe:/a:redhat:jboss_brms:6.0", "package": "uberfire", "product_name": "Red Hat JBoss BRMS 6.0", "release_date": "2015-02-17T00:00:00Z"}], "bugzilla": {"description": "UberFire: Information disclosure and RCE via insecure file upload/download servlets", "id": "1169544", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1169544"}, "csaw": false, "cvss": {"cvss_base_score": "6.0", "cvss_scoring_vector": "AV:N/AC:M/Au:S/C:P/I:P/A:P", "status": "verified"}, "cwe": "CWE-22", "details": ["The UberFire Framework 0.3.x does not properly restrict paths, which allows remote attackers to (1) execute arbitrary code by uploading crafted content to FileUploadServlet or (2) read arbitrary files via vectors involving FileDownloadServlet.", "It was discovered that the default implementation of FileUploadServlet and FileDownloadServlet provided by the UberFire Framework did not restrict the paths to which a file could be written or read from. In applications using this framework and exposing these servlets, a remote attacker could gain access to information stored in files accessible to the application container process, or execute arbitrary code by uploading malicious content."], "name": "CVE-2014-8114", "public_date": "2015-02-17T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2014-8114\nhttps://nvd.nist.gov/vuln/detail/CVE-2014-8114"], "threat_severity": "Important"}