SCA: security update for org.geoserver:gs-restconfig (GHSA-75m5-hh4r-q9gx)

medium Tenable Cloud Security Plugin ID 411841

Description

There are packages installed that are affected by a vulnerability referenced in the following CVE:

- GeoServer is an open source software server written in Java that allows users to share and edit geospatial
data. An arbitrary file renaming vulnerability exists in versions prior to 2.23.5 and 2.24.2 that enables
an authenticated administrator with permissions to modify stores through the REST Coverage Store or Data
Store API to rename arbitrary files and directories with a name that does not end in `.zip`. Store file
uploads rename zip files to have a `.zip` extension if it doesn't already have one before unzipping the
file. This is fine for file and url upload methods where the files will be in a specific subdirectory of
the data directory but, when using the external upload method, this allows arbitrary files and directories
to be renamed. Renaming GeoServer files will most likely result in a denial of service, either completely
preventing GeoServer from running or effectively deleting specific resources (such as a workspace, layer
or style). In some cases, renaming GeoServer files could revert to the default settings for that file
which could be relatively harmless like removing contact information or have more serious consequences
like allowing users to make OGC requests that the customized settings would have prevented them from
making. The impact of renaming non-GeoServer files depends on the specific environment although some sort
of denial of service is a likely outcome. Versions 2.23.5 and 2.24.2 contain a fix for this issue.
(CVE-2024-23634)

See Also

https://github.com/advisories/GHSA-75m5-hh4r-q9gx

Plugin Details

Severity: Medium

ID: 411841

Version: Revision 1.5

Type: Local

Family: SCA Checks

Published: 1/23/2025

Updated: 6/1/2026

Supported Sensors: Tenable Cloud Security, Tenable Self-Hosted Container Security

Risk Information

VPR

Risk Factor: Medium

Score: 5.9

Percentile: 96.86

Vendor

Vendor Severity: Medium

CVSS v2

Risk Factor: High

Base Score: 7.3

Temporal Score: 5.7

Vector: CVSS2#AV:N/AC:L/Au:M/C:P/I:P/A:C

CVSS Score Source: CVE-2024-23634

CVSS v3

Risk Factor: Medium

Base Score: 6

Temporal Score: 5.4

Vector: CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:H

Temporal Vector: CVSS:3.0/E:P/RL:O/RC:C

Vulnerability Information

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 3/20/2024

Vulnerability Publication Date: 3/20/2024

Reference Information

CVE: CVE-2024-23634