Vulnerability Details : CVE-2018-14335
An issue was discovered in H2 1.4.197. Insecure handling of permissions in the backup function allows attackers to read sensitive files (outside of their permissions) via a symlink to a fake database file.
Products affected by CVE-2018-14335
- cpe:2.3:a:h2database:h2:1.4.197:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2018-14335
1.54%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 87 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2018-14335
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
4.0
|
MEDIUM | AV:N/AC:L/Au:S/C:P/I:N/A:N |
8.0
|
2.9
|
NIST | |
6.5
|
MEDIUM | CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N |
2.8
|
3.6
|
NIST | |
6.5
|
MEDIUM | CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N |
2.8
|
3.6
|
134c704f-9b21-4f2e-91b3-4a467353bcc0 | 2024-08-01 |
CWE ids for CVE-2018-14335
-
The product attempts to access a file based on the filename, but it does not properly prevent that filename from identifying a link or shortcut that resolves to an unintended resource.Assigned by: nvd@nist.gov (Primary)
-
During installation, installed file permissions are set to allow anyone to modify those files.Assigned by: 134c704f-9b21-4f2e-91b3-4a467353bcc0 (Secondary)
-
A product defines a set of insecure permissions that are inherited by objects that are created by the program.Assigned by: 134c704f-9b21-4f2e-91b3-4a467353bcc0 (Secondary)
References for CVE-2018-14335
-
https://lists.apache.org/thread.html/582d4165de6507b0be82d5a6f9a1ce392ec43a00c9fed32bacf7fe1e%40%3Cuser.ignite.apache.org%3E
Re: H2 version security concern-Apache Mail Archives
-
https://security.netapp.com/advisory/ntap-20240726-0003/
CVE-2018-14335 H2 Database Vulnerability in NetApp Products | NetApp Product Security
-
https://gist.github.com/owodelta/9714faf9a86435cef5a99d4930eaee20
Page not found · GitHub · GitHubExploit;Third Party Advisory
-
https://www.exploit-db.com/exploits/45105/
H2 Database 1.4.197 - Information DisclosureExploit;Third Party Advisory;VDB Entry
-
https://lists.apache.org/thread.html/582d4165de6507b0be82d5a6f9a1ce392ec43a00c9fed32bacf7fe1e@%3Cuser.ignite.apache.org%3E
Re: H2 version security concern - Pony Mail
-
https://access.redhat.com/errata/RHSA-2020:0727
RHSA-2020:0727 - Security Advisory - Red Hat Customer Portal
Jump to