CVE-2021-21292

Traccar is an open source GPS tracking system. In Traccar before version 4.12 there is an unquoted Windows binary path vulnerability. Only Windows versions are impacted. Attacker needs write access to the filesystem on the host machine. If Java path includes a space, then attacker can lift their privilege to the same as Traccar service (system). This is fixed in version 4.12.

CVSS v3.0 6.3 MEDIUM
CVSS v2.0 1.9 LOW

6.3^/10

CVSS v3.0 : MEDIUM

Vector :

Exploitability : 1.8 / Impact : 4.0

Attack Vector LOCAL

Attack Complexity LOW

Privileges Required NONE

User Interaction REQUIRED

Confidentiality Impact NONE

Integrity Impact HIGH

Availability Impact NONE

Scope CHANGED

1.9^/10

CVSS v2.0 : LOW

Vector : AV:L/AC:M/Au:N/C:N/I:P/A:N

Exploitability : 3.4 / Impact : 2.9

Access Vector LOCAL

Access Complexity MEDIUM

Authentication NONE

Confidentiality Impact NONE

Integrity Impact PARTIAL

Availability Impact NONE

References

Link	Resource
https://www.traccar.org/	Product
https://github.com/traccar/traccar/security/advisories/GHSA-j75r-7qm5-62q5	Third Party Advisory
https://github.com/traccar/traccar/commit/cc69a9907ac9878db3750aa14ffedb28626455da	Patch Third Party Advisory

Advertisement

Configurations

Configuration 1 (hide)

AND

cpe:2.3:a:traccar:traccar:*:*:*:*:*:*:*:*

cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*

Information

Published : 2021-02-02 12:15

Updated : 2021-02-08 10:37

NVD link : CVE-2021-21292

Mitre link : CVE-2021-21292

JSON object : View

CWE

CWE-428

Unquoted Search Path or Element

Advertisement

Products Affected

microsoft

windows

traccar

traccar

{"cve": {"data_type": "CVE", "references": {"reference_data": [{"url": "https://www.traccar.org/", "name": "https://www.traccar.org/", "tags": ["Product"], "refsource": "MISC"}, {"url": "https://github.com/traccar/traccar/security/advisories/GHSA-j75r-7qm5-62q5", "name": "https://github.com/traccar/traccar/security/advisories/GHSA-j75r-7qm5-62q5", "tags": ["Third Party Advisory"], "refsource": "CONFIRM"}, {"url": "https://github.com/traccar/traccar/commit/cc69a9907ac9878db3750aa14ffedb28626455da", "name": "https://github.com/traccar/traccar/commit/cc69a9907ac9878db3750aa14ffedb28626455da", "tags": ["Patch", "Third Party Advisory"], "refsource": "MISC"}]}, "data_format": "MITRE", "description": {"description_data": [{"lang": "en", "value": "Traccar is an open source GPS tracking system. In Traccar before version 4.12 there is an unquoted Windows binary path vulnerability. Only Windows versions are impacted. Attacker needs write access to the filesystem on the host machine. If Java path includes a space, then attacker can lift their privilege to the same as Traccar service (system). This is fixed in version 4.12."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "en", "value": "CWE-428"}]}]}, "data_version": "4.0", "CVE_data_meta": {"ID": "CVE-2021-21292", "ASSIGNER": "security-advisories@github.com"}}, "impact": {"baseMetricV2": {"cvssV2": {"version": "2.0", "baseScore": 1.9, "accessVector": "LOCAL", "vectorString": "AV:L/AC:M/Au:N/C:N/I:P/A:N", "authentication": "NONE", "integrityImpact": "PARTIAL", "accessComplexity": "MEDIUM", "availabilityImpact": "NONE", "confidentialityImpact": "NONE"}, "severity": "LOW", "acInsufInfo": false, "impactScore": 2.9, "obtainAllPrivilege": false, "exploitabilityScore": 3.4, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": true}, "baseMetricV3": {"cvssV3": {"scope": "CHANGED", "version": "3.1", "baseScore": 6.3, "attackVector": "LOCAL", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:N/I:H/A:N", "integrityImpact": "HIGH", "userInteraction": "REQUIRED", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}, "impactScore": 4.0, "exploitabilityScore": 1.8}}, "publishedDate": "2021-02-02T20:15Z", "configurations": {"nodes": [{"children": [{"children": [], "operator": "OR", "cpe_match": [{"cpe23Uri": "cpe:2.3:a:traccar:traccar:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true, "versionEndExcluding": "4.12"}]}, {"children": [], "operator": "OR", "cpe_match": [{"cpe23Uri": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}]}], "operator": "AND", "cpe_match": []}], "CVE_data_version": "4.0"}, "lastModifiedDate": "2021-02-08T18:37Z"}