Severity: HIGH (9.3)

CVE-2018-1335

Published: 25/04/2018 Updated: 18/03/2019
CVSS v2 Base Score: 9.3 | Impact Score: 10 | Exploitability Score: 8.6
CVSS v3 Base Score: 8.1 | Impact Score: 5.9 | Exploitability Score: 2.2

Vulnerability Summary

From Apache Tika versions 1.7 to 1.17, clients could send carefully crafted headers to tika-server that could be used to inject commands into the command line of the server running tika-server. This vulnerability only affects those running tika-server on a server that is open to untrusted clients. The mitigation is to upgrade to Tika 1.18.

Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C
Access Complexity: MEDIUM
Authentication: NONE
Access Vector: NETWORK
Confidentiality Impact: COMPLETE
Integrity Impact: COMPLETE
Availability Impact: COMPLETE

Affected Products

Vendor: Apache
Product: Tika
Versions: 0.1, 0.2, 0.3, 0.4, 0.5, 0.6, 0.7, 0.8, 0.9, 0.10, 1.0, 1.1, 1.2, 1.3, 1.4, 1.5, 1.6, 1.7, 1.8, 1.9, 1.10, 1.11, 1.12, 1.13, 1.14, 1.15, 1.16, 1.17

Vendor Advisories

From Apache Tika versions 1.7 to 1.17, clients could send carefully crafted headers to tika-server that could be used to inject commands into the command line of the server running tika-server. This vulnerability only affects those running tika-server on a server that is open to untrusted clients. The mitigation is to upgrade to Tika 1.18 ...

Exploits

Description: This is a PoC for remote command execution in Apache Tika-server. Versions Affected: Tika-server versions < 1.18. Researcher: David Yesland. Twitter: ...

Mailing Lists

Apache Tika Server versions prior to 1.18 suffer from a command injection vulnerability ...

Github Repositories

Rhino CVE Proof-of-Concept Exploits: A collection of proof-of-concept exploit scripts written by the team at Rhino Security Labs for various CVEs. CVE-2018-1000110: User and Node Enumeration Through Jenkins Git Plugin < v3.7. CVE-2018-20621: MEmu Android Emulator Local Privilege Escalation. CVE-2018-5757: Authenticated RCE in AudioCodes 450HD Phone. CVE-2018-5758: XXE in Jiv

References