CVE-2020-1945MEDIUM
New! CVE Severity Now Using CVSS v3
The calculated severity for CVEs has been updated to use CVSS v3 by default. CVEs that do not have a CVSS v3 score will fall back CVSS v2 for calculating severity. Severity display preferences can be toggled in the settings dropdown.
Description
Apache Ant 1.1 to 1.9.14 and 1.10.0 to 1.10.7 uses the default temporary directory identified by the Java system property java.io.tmpdir for several tasks and may thus leak sensitive information. The fixcrlf and replaceregexp tasks also copy files from the temporary directory back into the build tree allowing an attacker to inject modified source files into the build process.
References
https://lists.apache.org/thread.html/[email protected]%3Cdev.creadur.apache.org%3E
https://lists.apache.org/thread.html/[email protected]%3Cdev.creadur.apache.org%3E
https://lists.apache.org/thread.html/[email protected]%3Ccommits.creadur.apache.org%3E
https://lists.apache.org/thread.html/[email protected]%3Ccommits.creadur.apache.org%3E
https://lists.apache.org/thread.html/[email protected]%3Cdev.creadur.apache.org%3E
https://lists.apache.org/thread.html/[email protected]%3Cdev.creadur.apache.org%3E
https://lists.apache.org/thread.html/[email protected]%3Cnotifications.groovy.apache.org%3E
https://lists.apache.org/thread.html/[email protected]%3Cissues.hive.apache.org%3E
https://lists.apache.org/thread.html/[email protected]%3Cdev.hive.apache.org%3E
https://lists.apache.org/thread.html/[email protected]%3Cissues.hive.apache.org%3E
https://lists.apache.org/thread.html/[email protected]%3Cissues.hive.apache.org%3E
https://usn.ubuntu.com/4380-1/
https://lists.apache.org/thread.html/[email protected]%3Cissues.hive.apache.org%3E
https://lists.apache.org/thread.html/[email protected]%3Cdev.creadur.apache.org%3E
https://www.oracle.com/security-alerts/cpujul2020.html
https://lists.apache.org/thread.html/[email protected]%3Ctorque-dev.db.apache.org%3E
http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00053.html
https://security.gentoo.org/glsa/202007-34
https://lists.apache.org/thread.html/[email protected]%3Cissues.hive.apache.org%3E
https://lists.apache.org/thread.html/[email protected]%3Ccommits.myfaces.apache.org%3E
https://lists.apache.org/thread.html/[email protected]%3Cdev.ant.apache.org%3E
https://lists.apache.org/thread.html/[email protected]%3Cannounce.apache.org%3E
https://lists.apache.org/thread.html/[email protected]%3Cuser.ant.apache.org%3E
https://lists.apache.org/thread.html/[email protected]%3Cdev.creadur.apache.org%3E
https://lists.apache.org/thread.html/[email protected]%3Cdev.creadur.apache.org%3E
http://www.openwall.com/lists/oss-security/2020/09/30/6
https://lists.apache.org/thread.html/[email protected]%3Cdev.creadur.apache.org%3E
https://lists.apache.org/thread.html/[email protected]%3Cdev.creadur.apache.org%3E
https://lists.apache.org/thread.html/[email protected]%3Cdev.creadur.apache.org%3E
https://lists.apache.org/thread.html/[email protected]%3Cdev.creadur.apache.org%3E
https://lists.apache.org/thread.html/[email protected]%3Cdev.creadur.apache.org%3E
https://www.oracle.com/security-alerts/cpuoct2020.html
https://lists.apache.org/thread.html/[email protected]%3Cissues.hive.apache.org%3E
https://lists.apache.org/thread.html/[email protected]%3Cnotifications.groovy.apache.org%3E
https://lists.apache.org/thread.html/[email protected]%3Ccommits.groovy.apache.org%3E
https://lists.apache.org/thread.html/[email protected]%3Cnotifications.groovy.apache.org%3E
https://lists.apache.org/thread.html/[email protected]%3Cdev.groovy.apache.org%3E
https://lists.apache.org/thread.html/[email protected]%3Cusers.groovy.apache.org%3E
http://www.openwall.com/lists/oss-security/2020/12/06/1
https://lists.apache.org/thread.html/[email protected]%3Cannounce.apache.org%3E
https://lists.apache.org/thread.html/[email protected]%3Cnotifications.groovy.apache.org%3E
https://lists.apache.org/thread.html/[email protected]%3Ccommits.myfaces.apache.org%3E
https://www.oracle.com/security-alerts/cpujan2021.html
https://lists.apache.org/thread.html/[email protected]%3Cdev.creadur.apache.org%3E
Details
Source: MITRE
Published: 2020-05-14
Updated: 2021-06-14
Type: CWE-200
Risk Information
CVSS v2
Base Score: 3.3
Vector: AV:L/AC:M/Au:N/C:P/I:P/A:N
Impact Score: 4.9
Exploitability Score: 3.4
Severity: LOW
CVSS v3
Base Score: 6.3
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N
Impact Score: 5.2
Exploitability Score: 1
Severity: MEDIUM
Vulnerable Software
Configuration 1
OR
cpe:2.3:a:apache:ant:*:*:*:*:*:*:*:* versions from 1.1 to 1.9.14 (inclusive)
cpe:2.3:a:apache:ant:*:*:*:*:*:*:*:* versions from 1.10.0 to 1.10.7 (inclusive)
Configuration 2
OR
cpe:2.3:o:canonical:ubuntu_linux:19.10:*:*:*:*:*:*:*
Tenable Plugins
| ID | Name | Product | Family | Severity |
|---|---|---|---|---|
| 147015 | RHEL 7 / 8 : OpenShift Container Platform 4.5.33 packages and (RHSA-2021:0429) | Nessus | Red Hat Local Security Checks | high |
| 147013 | RHEL 7 : OpenShift Container Platform 3.11.394 bug fix and (RHSA-2021:0637) | Nessus | Red Hat Local Security Checks | high |
| 146566 | RHEL 7 / 8 : OpenShift Container Platform 4.6.17 (RHSA-2021:0423) | Nessus | Red Hat Local Security Checks | high |
| 142265 | EulerOS 2.0 SP2 : ant (EulerOS-SA-2020-2327) | Nessus | Huawei Local Security Checks | medium |
| 142210 | Oracle Business Process Management Suite (Oct 2020 CPU) | Nessus | Misc. | critical |
| 140937 | FreeBSD : Apache Ant leaks sensitive information via the java.io.tmpdir (6d5f1b0b-b865-48d5-935b-3fb6ebb425fc) | Nessus | FreeBSD Local Security Checks | medium |
| 140899 | EulerOS 2.0 SP3 : ant (EulerOS-SA-2020-2132) | Nessus | Huawei Local Security Checks | medium |
| 140136 | EulerOS 2.0 SP5 : ant (EulerOS-SA-2020-1915) | Nessus | Huawei Local Security Checks | medium |
| 139124 | EulerOS 2.0 SP8 : ant (EulerOS-SA-2020-1794) | Nessus | Huawei Local Security Checks | medium |
| 138957 | GLSA-202007-34 : Apache Ant: Multiple vulnerabilities | Nessus | Gentoo Local Security Checks | medium |
| 138789 | openSUSE Security Update : ant (openSUSE-2020-1022) | Nessus | SuSE Local Security Checks | medium |
| 138594 | Oracle Enterprise Manager Ops Center (Jul 2020 CPU) | Nessus | Misc. | medium |
| 138526 | Oracle Primavera Gateway (Jul 2020 CPU) | Nessus | CGI abuses | critical |
| 138508 | Oracle Primavera Unifier Multiple Vulnerabilities (Jul 2020 CPU) | Nessus | CGI abuses | critical |
| 137317 | Photon OS 1.0: Apache PHSA-2020-1.0-0298 | Nessus | PhotonOS Local Security Checks | high |
| 137199 | Photon OS 3.0: Apache PHSA-2020-3.0-0099 | Nessus | PhotonOS Local Security Checks | medium |
| 137116 | Fedora 32 : ant (2020-7f07da3fef) | Nessus | Fedora Local Security Checks | medium |
| 137046 | Ubuntu 19.10 : Apache Ant vulnerability (USN-4380-1) | Nessus | Ubuntu Local Security Checks | medium |
| 137009 | Fedora 31 : ant (2020-52741b0a49) | Nessus | Fedora Local Security Checks | medium |