NVD Vulnerability Detail

CVE-2021-21245

Summary	OneDev is an all-in-one devops platform. In OneDev before version 4.0.3, AttachmentUploadServlet also saves user controlled data (`request.getInputStream()`) to a user specified location (`request.getHeader("File-Name")`). This issue may lead to arbitrary file upload which can be used to upload a WebShell to OneDev server. This issue is addressed in 4.0.3 by only allowing uploaded file to be in attachments folder. The webshell issue is not possible as OneDev never executes files in attachments folder.
Publication Date	Jan. 16, 2021, 6:15 a.m.
Registration Date	Jan. 26, 2021, 10:40 a.m.
Last Update	Nov. 21, 2024, 2:47 p.m.

Affected software configurations

Configuration1		or higher	or less	more than	less than
cpe:2.3:a:onedev_project:onedev::::::::					4.0.3

Related information, measures and tools

No	URL	タグ
1	https://github.com/theonedev/onedev/commit/0c060153fb97c0288a1917efdb17cc426934dacb	Patch Third Party Advisory
2	https://github.com/theonedev/onedev/commit/0c060153fb97c0288a1917efdb17cc426934dacb	Patch Third Party Advisory
3	https://github.com/theonedev/onedev/security/advisories/GHSA-62m2-38q5-96w9	Third Party Advisory
4	https://github.com/theonedev/onedev/security/advisories/GHSA-62m2-38q5-96w9	Third Party Advisory

Common Vulnerabilities List

JVN Vulnerability Information

OneDev における危険なタイプのファイルの無制限アップロードに関する脆弱性

Title	OneDev における危険なタイプのファイルの無制限アップロードに関する脆弱性
Summary	OneDev には、危険なタイプのファイルの無制限アップロードに関する脆弱性が存在します。
Possible impacts	情報を取得される、情報を改ざんされる、およびサービス運用妨害 (DoS) 状態にされる可能性があります。
Solution	ベンダより正式な対策が公開されています。ベンダ情報を参照して適切な対策を実施してください。
Publication Date	Jan. 12, 2021, midnight
Registration Date	Nov. 2, 2021, 3:30 p.m.
Last Update	Nov. 2, 2021, 3:30 p.m.

Affected System

OneDev project

OneDev 4.0.3 未満

CVE (情報セキュリティ共通脆弱性識別子)

No	Name	URL
Common Vulnerabilities and Exposures (CVE)
1	CVE-2021-21245	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21245
National Vulnerability Database (NVD)
2	CVE-2021-21245	https://nvd.nist.gov/vuln/detail/CVE-2021-21245

CWE (共通脆弱性タイプ一覧)

No	Name	URL
JVNDB
1	CWE-434	https://cwe.mitre.org/data/definitions/434.html

ベンダー情報

No	Name	URL
GitHub
1	Fix the issue that uploaded file can be stored anywhere OneDev has write permissions over	https://github.com/theonedev/onedev/commit/0c060153fb97c0288a1917efdb17cc426934dacb
2	Pre-Auth Arbitrary File Upload	https://github.com/theonedev/onedev/security/advisories/GHSA-62m2-38q5-96w9

Change Log

No	Changed Details	Date of change
1	[2021年11月02日] 掲載	Nov. 2, 2021, 3:30 p.m.