Vulnerability Details : CVE-2023-7216
Potential exploit
A path traversal vulnerability was found in the CPIO utility. This issue could allow a remote unauthenticated attacker to trick a user into opening a specially crafted archive. During the extraction process, the archiver could follow symlinks outside of the intended directory, which allows files to be written in arbitrary directories through symlinks.
Vulnerability category: Directory traversal
Products affected by CVE-2023-7216
- cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*
- cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*
- cpe:2.3:o:redhat:enterprise_linux:9.0:*:*:*:*:*:*:*
- cpe:2.3:a:gnu:cpio:-:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2023-7216
0.41%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 73 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2023-7216
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
5.3
|
MEDIUM | CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L |
1.8
|
3.4
|
NIST | 2024-03-12 |
8.8
|
HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H |
2.8
|
5.9
|
NIST | 2024-02-13 |
5.3
|
MEDIUM | CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L |
1.8
|
3.4
|
Red Hat, Inc. | 2024-03-11 |
3.3
|
LOW | CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N |
1.8
|
1.4
|
Red Hat, Inc. | 2024-06-12 |
8.8
|
HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H |
2.8
|
5.9
|
Red Hat, Inc. | 2024-02-05 |
8.8
|
HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H |
N/A
|
N/A
|
RedHat-CVE-2023-7216 | 2024-02-05 |
CWE ids for CVE-2023-7216
-
The product uses external input to construct a pathname that is intended to identify a file or directory that is located underneath a restricted parent directory, but the product does not properly neutralize special elements within the pathname that can cause the pathname to resolve to a location that is outside of the restricted directory.Assigned by:
- nvd@nist.gov (Secondary)
- secalert@redhat.com (Primary)
-
The product attempts to access a file based on the filename, but it does not properly prevent that filename from identifying a link or shortcut that resolves to an unintended resource.Assigned by:
- nvd@nist.gov (Secondary)
- secalert@redhat.com (Primary)
References for CVE-2023-7216
-
https://bugzilla.redhat.com/show_bug.cgi?id=2249901
2249901 – (CVE-2023-7216) CVE-2023-7216 CPIO: extraction allows symlinks which enables Remote Command ExecutionExploit;Issue Tracking;Third Party Advisory
-
https://access.redhat.com/security/cve/CVE-2023-7216
CVE-2023-7216- Red Hat Customer PortalThird Party Advisory
Jump to