CVE-2022-43449 - OpenCVE

OpenHarmony-v3.1.2 and prior versions had an Arbitrary file read vulnerability via download_server. Local attackers can install an malicious application on the device and reveal any file from the filesystem that is accessible to download_server service which run with UID 1000.

Attack Vector Local

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact High

Integrity Impact None

Availability Impact None

User Interaction None

No CVSS v3.0

No CVSS v2

Vendors & Products
CPE Configurations

Vendors	Products
Openharmony	Openharmony

Configuration 1 [-]

cpe:2.3:a:openharmony:openharmony:*:*:*:*:*:*:*:*

References

Link	Resource
https://gitee.com/openharmony/security/blob/master/en/security-disclosure/2022/2022-11.md	Third Party Advisory

History

No history.

MITRE Information

Status: PUBLISHED

Assigner: OpenHarmony

Published: 2022-11-03T19:15:14.052046Z

Updated: 2022-12-12T09:47:38.527824Z

Reserved: 2022-10-31T00:00:00

Link: CVE-2022-43449

JSON object: View

NVD Information

Status : Analyzed

Published: 2022-11-03T20:15:33.527

Modified: 2022-11-07T02:18:25.670

Link: CVE-2022-43449

JSON object: View

Redhat Information

No data.

CWE

{"containers": {"cna": {"affected": [{"vendor": "OpenHarmony", "product": "OpenHarmony", "versions": [{"version": "3.1.0", "status": "affected"}]}], "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "\n\n<span style=\"background-color: rgb(255, 255, 255);\">OpenHarmony-v3.1.2 and prior versions had an \n\n<span style=\"background-color: rgb(246, 248, 250);\">Arbitrary file read </span>vulnerability \n\n<span style=\"background-color: rgb(246, 248, 250);\">via download_server. \n\n<span style=\"background-color: rgb(246, 248, 250);\">Local attackers can install an malicious application on the device and reveal any file from the filesystem that is accessible to download_server service which run with UID 1000.</span>\n\n</span></span>"}], "value": "OpenHarmony-v3.1.2 and prior versions had an Arbitrary file read vulnerability via download_server. Local attackers can install an malicious application on the device and reveal any file from the filesystem that is accessible to download_server service which run with UID 1000."}], "impacts": [{"capecId": "CAPEC-72", "descriptions": [{"lang": "en", "value": "CAPEC-72 URL Encoding"}]}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "NONE", "baseScore": 6.2, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.1"}, "format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "problemTypes": [{"descriptions": [{"cweId": "CWE-20", "description": "CWE-20 Improper Input Validation", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"orgId": "0cf5dd6e-1214-4398-a481-30441e48fafd", "dateUpdated": "2022-12-12T09:47:38.527824Z"}, "references": [{"tags": ["patch", "vendor-advisory"], "url": "https://gitee.com/openharmony/security/blob/master/en/security-disclosure/2022/2022-11.md", "refsource": "MISC", "name": "https://gitee.com/openharmony/security/blob/master/en/security-disclosure/2022/2022-11.md"}], "source": {"discovery": "UNKNOWN"}, "title": "Arbitrary file read via download_server.", "x_generator": {"engine": "Vulnogram 0.1.0-dev"}}}, "cveMetadata": {"assignerOrgId": "0cf5dd6e-1214-4398-a481-30441e48fafd", "cveId": "CVE-2022-43449", "serial": 1, "state": "PUBLISHED", "dateUpdated": "2022-12-12T09:47:38.527824Z", "dateReserved": "2022-10-31T00:00:00", "datePublished": "2022-11-03T19:15:14.052046Z", "assignerShortName": "OpenHarmony"}, "dataType": "CVE_RECORD", "dataVersion": "5.0"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:openharmony:openharmony:*:*:*:*:*:*:*:*", "matchCriteriaId": "C026D184-A8AE-4DE6-A339-EA4469DDD4E7", "versionEndIncluding": "3.1.2", "versionStartIncluding": "3.1", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "OpenHarmony-v3.1.2 and prior versions had an Arbitrary file read vulnerability via download_server. Local attackers can install an malicious application on the device and reveal any file from the filesystem that is accessible to download_server service which run with UID 1000."}, {"lang": "es", "value": "OpenHarmony-v3.1.2 y versiones anteriores ten\u00edan una vulnerabilidad de lectura de archivos arbitraria a trav\u00e9s del servidor de descarga. Los atacantes locales pueden instalar una aplicaci\u00f3n maliciosa en el dispositivo y revelar cualquier archivo del sistema de archivos al que pueda acceder el servicio download_server que se ejecuta con UID 1000."}], "id": "CVE-2022-43449", "lastModified": "2022-11-07T02:18:25.670", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "NONE", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "NONE", "baseScore": 6.2, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.1"}, "exploitabilityScore": 2.5, "impactScore": 3.6, "source": "scy@openharmony.io", "type": "Secondary"}]}, "published": "2022-11-03T20:15:33.527", "references": [{"source": "scy@openharmony.io", "tags": ["Third Party Advisory"], "url": "https://gitee.com/openharmony/security/blob/master/en/security-disclosure/2022/2022-11.md"}], "sourceIdentifier": "scy@openharmony.io", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-552"}], "source": "nvd@nist.gov", "type": "Primary"}, {"description": [{"lang": "en", "value": "CWE-20"}], "source": "scy@openharmony.io", "type": "Secondary"}]}