Creation of Temporary File With Insecure Permissions in Netty

#VU62849 Creation of Temporary File With Insecure Permissions in Netty

Cybersecurity Help s.r.o.

Published: 2022-05-09

Vulnerability identifier: #VU62849

Vulnerability risk: Low

CVSSv3.1: 2.9 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2022-24823

CWE-ID: CWE-378

Exploitation vector: Local

Exploit availability: No

Vulnerable software:
Netty
Universal components / Libraries / Libraries used by multiple products

Vendor: Netty project

Description

The vulnerability allows a local user to gain access to sensitive information.

The vulnerability exists due to usage of insecure permissions for temporary files. A local user can view contents of temporary files and gain access to sensitive information.

Mitigation
Install updates from vendor's website.

Vulnerable software versions

Netty: 4.0.0 - 4.1.76

External links
http://github.com/netty/netty/commit/185f8b2756a36aaa4f973f1a2a025e7d981823f1
http://github.com/netty/netty/security/advisories/GHSA-269q-hmxg-m83q

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

Latest bulletins with this vulnerability

IBM watsonx.data update for Netty

Multiple vulnerabilities in IBM Security Verify Access

Multiple vulnerabilities in IBM Disconnected Log Collector

Multiple vulnerabilities in IBM Observability with Instana (OnPrem)

IBM Log Analysis update for Apache Solr and Apache Zookeeper

Multiple vulnerabilities in Watson Machine Learning Accelerator on Cloud Pak for Data

Multiple vulnerabilities in IBM QRadar SIEM

Multiple vulnerabilities in IBM Voice Gateway

Multiple vulnerabilities in IBM Cloud Pak for Watson AIOps

Multiple vulnerabilities in Red Hat AMQ Streams