Vulnerabilities
Projects
Vulnerability Disclosure
About Us
Contact Us
Mend.io Vulnerability Database
What is a WS vulnerability ID?
What is an MSC vulnerability ID?
We found results for “”
CVE-2021-43783
Good to know:
Date: November 29, 2021
@backstage/plugin-scaffolder-backend is the backend for the default Backstage software templates. In affected versions a malicious actor with write access to a registered scaffolder template is able to manipulate the template in a way that writes files to arbitrary paths on the scaffolder-backend host instance. This vulnerability can in some situation also be exploited through user input when executing a template, meaning you do not need write access to the templates. This method will not allow the attacker to control the contents of the injected file however, unless the template is also crafted in a specific way that gives control of the file contents. This vulnerability is fixed in version `0.15.14` of the `@backstage/plugin-scaffolder-backend`. This attack is mitigated by restricting access and requiring reviews when registering or modifying scaffolder templates.
Language: TYPE_SCRIPT
Severity Score
Related Resources (5)
Severity Score
Weakness Type (CWE)
Path Traversal
CWE-22Top Fix
CVSS v3.1
| Base Score: |
|
|---|---|
| Attack Vector (AV): | NETWORK |
| Attack Complexity (AC): | LOW |
| Privileges Required (PR): | LOW |
| User Interaction (UI): | NONE |
| Scope (S): | CHANGED |
| Confidentiality (C): | NONE |
| Integrity (I): | HIGH |
| Availability (A): | LOW |
CVSS v2
| Base Score: |
|
|---|---|
| Access Vector (AV): | NETWORK |
| Access Complexity (AC): | LOW |
| Authentication (AU): | SINGLE |
| Confidentiality (C): | NONE |
| Integrity (I): | PARTIAL |
| Availability (A): | PARTIAL |
| Additional information: |