Vulnerability CVE-2014-1402

Vulnerability Name:

CVE-2014-1402 (CCN-90221)

Assigned:

2014-01-09

Published:

2014-01-09

Updated:

2017-12-22

Summary:

The default configuration for bccache.FileSystemBytecodeCache in Jinja2 before 2.7.2 does not properly create temporary files, which allows local users to gain privileges via a crafted .cache file with a name starting with __jinja2_ in /tmp.

CVSS v3 Severity:

5.9 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L)

Exploitability Metrics:	Attack Vector (AV): Local Attack Complexity (AC): Low Privileges Required (PR): None User Interaction (UI): None
Scope:	Scope (S): Unchanged
Impact Metrics:	Confidentiality (C): Low Integrity (I): Low Availibility (A): Low

CVSS v2 Severity:

4.4 Medium (CVSS v2 Vector: AV:L/AC:M/Au:N/C:P/I:P/A:P)
3.2 Low (Temporal CVSS v2 Vector: AV:L/AC:M/Au:N/C:P/I:P/A:P/E:U/RL:OF/RC:C)

Exploitability Metrics:	Access Vector (AV): Local Access Complexity (AC): Medium Authentication (Au): None
Impact Metrics:	Confidentiality (C): Partial Integrity (I): Partial Availibility (A): Partial

4.6 Medium (CCN CVSS v2 Vector: AV:L/AC:L/Au:N/C:P/I:P/A:P)
3.4 Low (CCN Temporal CVSS v2 Vector: AV:L/AC:L/Au:N/C:P/I:P/A:P/E:U/RL:OF/RC:C)

Exploitability Metrics:	Access Vector (AV): Local Access Complexity (AC): Low Athentication (Au): None
Impact Metrics:	Confidentiality (C): Partial Integrity (I): Partial Availibility (A): Partial

4.4 Medium (REDHAT CVSS v2 Vector: AV:L/AC:M/Au:N/C:P/I:P/A:P)
3.2 Low (REDHAT Temporal CVSS v2 Vector: AV:L/AC:M/Au:N/C:P/I:P/A:P/E:U/RL:OF/RC:C)

Exploitability Metrics:	Access Vector (AV): Local Access Complexity (AC): Medium Authentication (Au): None
Impact Metrics:	Confidentiality (C): Partial Integrity (I): Partial Availibility (A): Partial

Vulnerability Type:

CWE-264
CWE-377

Vulnerability Consequences:

Gain Access

References:

Source: CONFIRM
Type: UNKNOWN
http://advisories.mageia.org/MGASA-2014-0028.html

Source: CCN
Type: Debian Bug report logs - #734747
jinja2: CVE-2014-1402: jinja2.bccache.FileSystemBytecodeCache: insecure default directory

Source: MITRE
Type: CNA
CVE-2014-1402

Source: CCN
Type: Jinja2 Web site
Jinja2

Source: CONFIRM
Type: UNKNOWN
http://jinja.pocoo.org/docs/changelog/

Source: MLIST
Type: UNKNOWN
[oss-security] 20140110 CVE Request: python-jinja2: arbitrary code execution vulnerability

Source: MLIST
Type: UNKNOWN
[oss-security] 20140110 Re: CVE Request: python-jinja2: arbitrary code execution vulnerability

Source: CCN
Type: RHSA-2014-0747
Moderate: python-jinja2 security update

Source: REDHAT
Type: UNKNOWN
RHSA-2014:0747

Source: REDHAT
Type: UNKNOWN
RHSA-2014:0748

Source: CCN
Type: oss-security: Fri, 10 Jan 2014
CVE Request: python-jinja2: arbitrary code execution vulnerability

Source: CCN
Type: SA56287
Jinja Filesystem Cache Insecure File Creation Security Issue

Source: SECUNIA
Type: UNKNOWN
56287

Source: SECUNIA
Type: UNKNOWN
58783

Source: SECUNIA
Type: UNKNOWN
58918

Source: SECUNIA
Type: UNKNOWN
59017

Source: SECUNIA
Type: UNKNOWN
60738

Source: SECUNIA
Type: UNKNOWN
60770

Source: GENTOO
Type: UNKNOWN
GLSA-201408-13

Source: MANDRIVA
Type: UNKNOWN
MDVSA-2014:096

Source: CCN
Type: BID-64759
Jinja2 'jinja2.bccache.FileSystemBytecodeCache' Insecure File Permissions Vulnerability

Source: CONFIRM
Type: UNKNOWN
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=734747

Source: CCN
Type: Red Hat Bugzilla Bug 1051421
(CVE-2014-1402) CVE-2014-1402 python-jinja2: arbitrary code execution vulnerability

Source: CONFIRM
Type: UNKNOWN
https://bugzilla.redhat.com/show_bug.cgi?id=1051421

Source: XF
Type: UNKNOWN
jinja2-cve20141402-code-exec(90221)

Source: MLIST
Type: UNKNOWN
[El-errata] 20140611 Oracle Linux Security Advisory ELSA-2014-0747

Source: CCN
Type: WhiteSource Vulnerability Database
CVE-2014-1402

Vulnerable Configuration:

Configuration 1:

cpe:/a:pocoo:jinja2:2.0:-:*:*:*:*:*:*

OR cpe:/a:pocoo:jinja2:2.0:rc1:*:*:*:*:*:*

OR cpe:/a:pocoo:jinja2:2.1:*:*:*:*:*:*:*

OR cpe:/a:pocoo:jinja2:2.1.1:*:*:*:*:*:*:*

OR cpe:/a:pocoo:jinja2:2.2:*:*:*:*:*:*:*

OR cpe:/a:pocoo:jinja2:2.2.1:*:*:*:*:*:*:*

OR cpe:/a:pocoo:jinja2:2.3:*:*:*:*:*:*:*

OR cpe:/a:pocoo:jinja2:2.3.1:*:*:*:*:*:*:*

OR cpe:/a:pocoo:jinja2:2.4:*:*:*:*:*:*:*

OR cpe:/a:pocoo:jinja2:2.4.1:*:*:*:*:*:*:*

OR cpe:/a:pocoo:jinja2:2.5:*:*:*:*:*:*:*

OR cpe:/a:pocoo:jinja2:2.5.1:*:*:*:*:*:*:*

OR cpe:/a:pocoo:jinja2:2.5.2:*:*:*:*:*:*:*

OR cpe:/a:pocoo:jinja2:2.5.3:*:*:*:*:*:*:*

OR cpe:/a:pocoo:jinja2:2.5.4:*:*:*:*:*:*:*

OR cpe:/a:pocoo:jinja2:2.5.5:*:*:*:*:*:*:*

OR cpe:/a:pocoo:jinja2:2.6:*:*:*:*:*:*:*

OR cpe:/a:pocoo:jinja2:2.7:*:*:*:*:*:*:*

OR cpe:/a:pocoo:jinja2:*:*:*:*:*:*:*:* (Version <= 2.7.1)

Configuration RedHat 1:

cpe:/o:redhat:enterprise_linux:6:*:*:*:*:*:*:*

Configuration RedHat 2:

cpe:/o:redhat:enterprise_linux:6::client:*:*:*:*:*

Configuration RedHat 3:

cpe:/o:redhat:enterprise_linux:6::computenode:*:*:*:*:*

Configuration RedHat 4:

cpe:/o:redhat:enterprise_linux:6::server:*:*:*:*:*

Configuration RedHat 5:

cpe:/o:redhat:enterprise_linux:6::workstation:*:*:*:*:*

Configuration CCN 1:

cpe:/o:redhat:enterprise_linux:6::server:*:*:*:*:*

OR cpe:/o:redhat:enterprise_linux:6::workstation:*:*:*:*:*

OR cpe:/o:redhat:enterprise_linux_desktop:6:*:*:*:*:*:*:*

OR cpe:/o:redhat:enterprise_linux_hpc_node:6:*:*:*:*:*:*:*

Denotes that component is vulnerable

Oval Definitions

Definition ID	Class	Title	Last Modified
oval:org.mitre.oval:def:26103	P	USN-2301-1 -- jinja2 vulnerabilities	2014-09-15
oval:org.mitre.oval:def:24851	P	ELSA-2014:0747: python-jinja2 security update (Moderate)	2014-09-01
oval:org.mitre.oval:def:24790	P	RHSA-2014:0747: python-jinja2 security update (Moderate)	2014-08-18
oval:com.redhat.rhsa:def:20140747	P	RHSA-2014:0747: python-jinja2 security update (Moderate)	2014-06-11
oval:com.ubuntu.precise:def:20141402000	V	CVE-2014-1402 on Ubuntu 12.04 LTS (precise) - medium.	2014-05-19
oval:com.ubuntu.trusty:def:20141402000	V	CVE-2014-1402 on Ubuntu 14.04 LTS (trusty) - medium.	2014-05-19

BACK