Vulnerability Details : CVE-2018-12088
S3QL before 2.27 mishandles checksumming, and consequently allows replay attacks in which an attacker who controls the backend can present old versions of the filesystem metadata database as up-to-date, temporarily inject zero-valued bytes into files, or temporarily hide parts of files. This is related to the checksum_basic_mapping function.
Vulnerability category: Input validation
Products affected by CVE-2018-12088
- cpe:2.3:a:s3ql_project:s3ql:*:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2018-12088
0.16%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 53 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2018-12088
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
5.0
|
MEDIUM | AV:N/AC:L/Au:N/C:N/I:P/A:N |
10.0
|
2.9
|
NIST | |
7.5
|
HIGH | CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N |
3.9
|
3.6
|
NIST |
CWE ids for CVE-2018-12088
-
The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.Assigned by: nvd@nist.gov (Primary)
References for CVE-2018-12088
-
https://bitbucket.org/nikratio/s3ql/commits/85aba5c2d5c81453a73a50ed638adaeef0521020
Repository deleted — BitbucketPatch;Third Party Advisory
-
https://groups.google.com/forum/#!topic/s3ql/4TzCVIMkA4o
Google GroepenThird Party Advisory
-
https://bitbucket.org/nikratio/s3ql/issues/272/t3_verifypy-test_retrieve-sometimes-fails
Repository deleted — BitbucketExploit;Third Party Advisory
Jump to