平台
java
组件
org.openapitools:openapi-generator-online
修复版本
5.1.1
5.1.0
CVE-2021-21428 is a local privilege escalation vulnerability discovered in OpenAPI Generator Online. This flaw allows a malicious user on a Unix-like system to exploit a race condition during temporary file creation, potentially gaining elevated privileges. The vulnerability affects versions of OpenAPI Generator Online up to 5.0.1, and a fix is available in version 5.1.0.
The core of this vulnerability lies in how OpenAPI Generator Online handles temporary file creation. The File.createTempFile method, used to generate temporary directories, is susceptible to a race condition on Unix-like systems. Because temporary directories are often shared across users, a malicious user can observe the creation of a temporary subdirectory and then race to complete its creation. This allows the attacker to append code to the output folder, which, when executed, can be attacker-controlled. The impact is local privilege escalation; an attacker gains the ability to execute code with the privileges of the process running OpenAPI Generator Online, potentially compromising the entire system. This is particularly concerning in shared hosting environments or systems where the OpenAPI Generator Online process runs with elevated privileges.
This vulnerability was publicly disclosed on May 11, 2021. While no active exploitation campaigns have been definitively linked to CVE-2021-21428, the CRITICAL severity and the relatively straightforward nature of the race condition suggest a potential for exploitation. No public proof-of-concept exploits are widely available, but the vulnerability's characteristics make it a likely candidate for future exploitation. It is not currently listed on CISA KEV.
Systems running OpenAPI Generator Online version 5.0.1 or earlier are at risk. This includes development environments, CI/CD pipelines that utilize OpenAPI Generator Online, and shared hosting environments where multiple users share the same temporary directory. Organizations using OpenAPI Generator Online to automatically generate API client code are particularly vulnerable.
• linux / server:
find /tmp -type f -mmin -5 -print0 | xargs -0 ls -l | grep -i 'openapi-generator'• linux / server:
journalctl -f | grep "createTempFile"• linux / server:
lsof /tmp | grep openapi-generatordisclosure
漏洞利用状态
EPSS
0.05% (16% 百分位)
CVSS 向量
The primary mitigation is to upgrade to OpenAPI Generator Online version 5.1.0 or later, which addresses the race condition. If an immediate upgrade is not possible, consider implementing a workaround by restricting access to the temporary directory used by OpenAPI Generator Online. This can be achieved through file system permissions, limiting which users can read, write, or execute files within that directory. Monitoring the creation and modification of files in the temporary directory can also help detect potential exploitation attempts. While not a direct fix, implementing robust input validation and sanitization can reduce the risk of malicious code being injected into the generated files. After upgrading, confirm the fix by attempting to create a temporary file and verifying that the attacker cannot manipulate its contents.
升级 OpenAPI Generator 版本到 5.1.0 或更高版本。此版本修复了在具有不安全权限的目录中创建临时文件的问题,从而避免了潜在的安全漏洞。
漏洞分析和关键警报直接发送到您的邮箱。
CVE-2021-21428 is a critical vulnerability in OpenAPI Generator Online versions up to 5.0.1 that allows a local attacker to exploit a race condition during temporary file creation, leading to local privilege escalation.
If you are running OpenAPI Generator Online version 5.0.1 or earlier, you are affected by this vulnerability. Upgrade to version 5.1.0 or later to mitigate the risk.
The recommended fix is to upgrade to OpenAPI Generator Online version 5.1.0 or later. As a temporary workaround, restrict access to the temporary directory used by the application.
While no active exploitation campaigns have been definitively confirmed, the vulnerability's severity and ease of exploitation suggest a potential for future attacks.
Refer to the official OpenAPI Generator Online project repository and associated security advisories for detailed information and updates: [https://github.com/openapitools/openapi-generator-online](https://github.com/openapitools/openapi-generator-online)
上传你的 pom.xml 文件,立即知道是否受影响。