Attacker Value
Unknown
(0 users assessed)
Exploitability
Unknown
(0 users assessed)
User Interaction
None
Privileges Required
Low
Attack Vector
Local
0

CVE-2020-1945

Disclosure Date: May 14, 2020
CVE-2020-1945 CVSS v3 Base Score: 6.3
Add MITRE ATT&CK tactics and techniques that apply to this CVE.

Description

Apache Ant 1.1 to 1.9.14 and 1.10.0 to 1.10.7 uses the default temporary directory identified by the Java system property java.io.tmpdir for several tasks and may thus leak sensitive information. The fixcrlf and replaceregexp tasks also copy files from the temporary directory back into the build tree allowing an attacker to inject modified source files into the build process.

Add Assessment

No one has assessed this topic. Be the first to add your voice to the community.

CVSS V3 Severity and Metrics
Base Score:
6.3 Medium
Impact Score:
5.2
Exploitability Score:
1
Vector:
CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N
Attack Vector (AV):
Local
Attack Complexity (AC):
High
Privileges Required (PR):
Low
User Interaction (UI):
None
Scope (S):
Unchanged
Confidentiality (C):
High
Integrity (I):
High
Availability (A):
None

General Information

Offensive Application
Unknown
Utility Class
Unknown
Ports
Unknown
OS
Unknown
Vulnerable Versions
Apache Ant Apache Ant 1.1 to 1.9.14 and 1.10.0 to 1.10.7
Prerequisites
Unknown
Discovered By
Unknown
PoC Author
Unknown
Metasploit Module
Unknown
Reporter
Unknown

Vendors

  • apache,
  • canonical,
  • fedoraproject,
  • opensuse,
  • oracle

Products

  • agile engineering data management 6.2.1.0,
  • ant,
  • banking enterprise collections,
  • banking liquidity management,
  • banking platform,
  • business process management suite 12.2.1.3.0,
  • business process management suite 12.2.1.4.0,
  • category management planning & optimization 15.0.3,
  • communications asap 7.3,
  • communications diameter signaling router,
  • communications metasolv solution 6.3.0,
  • communications order and service management 7.3,
  • communications order and service management 7.4,
  • data integrator 12.2.1.3.0,
  • data integrator 12.2.1.4.0,
  • endeca information discovery studio 3.2.0,
  • enterprise manager ops center 12.4.0.0,
  • enterprise repository 11.1.1.7.0,
  • fedora 31,
  • fedora 32,
  • financial services analytical applications infrastructure,
  • flexcube investor servicing 12.1.0,
  • flexcube investor servicing 12.3.0,
  • flexcube investor servicing 12.4.0,
  • flexcube investor servicing 14.0.0,
  • flexcube investor servicing 14.1.0,
  • flexcube private banking 12.0.0,
  • flexcube private banking 12.1.0,
  • health sciences information manager,
  • leap 15.2,
  • primavera gateway,
  • primavera unifier,
  • primavera unifier 16.1,
  • primavera unifier 16.2,
  • primavera unifier 18.8,
  • primavera unifier 19.12,
  • rapid planning 12.1,
  • rapid planning 12.2,
  • real-time decision server 3.2.1.0,
  • retail advanced inventory planning 14.1,
  • retail advanced inventory planning 15.0,
  • retail advanced inventory planning 16.0,
  • retail assortment planning 15.0.3,
  • retail assortment planning 16.0.3,
  • retail back office 14.0,
  • retail back office 14.1,
  • retail bulk data integration 15.0,
  • retail bulk data integration 16.0,
  • retail bulk data integration 16.0.3.0,
  • retail bulk data integration 19.0.1,
  • retail central office 14.0,
  • retail central office 14.1,
  • retail data extractor for merchandising 1.10,
  • retail data extractor for merchandising 1.9,
  • retail extract transform and load 13.2.5,
  • retail extract transform and load 13.2.8,
  • retail financial integration 14.1.3.2,
  • retail financial integration 15.0,
  • retail financial integration 15.0.4.0,
  • retail financial integration 16.0,
  • retail financial integration 16.0.3.0,
  • retail integration bus 14.1,
  • retail integration bus 14.1.3.2,
  • retail integration bus 15.0,
  • retail integration bus 15.0.4.0,
  • retail integration bus 16.0,
  • retail integration bus 16.0.3.0,
  • retail integration bus 19.0.1.0,
  • retail item planning 15.0.3,
  • retail macro space optimization 15.0.3,
  • retail merchandise financial planning 15.0.3,
  • retail merchandising system 19.0.1,
  • retail point-of-service 14.0,
  • retail point-of-service 14.1,
  • retail point-of-service 15.0,
  • retail point-of-service 16.0,
  • retail predictive application server 14.0.3,
  • retail predictive application server 14.1.3,
  • retail predictive application server 15.0.3,
  • retail predictive application server 16.0.3,
  • retail predictive application server 16.0.3.0,
  • retail regular price optimization 15.0.3,
  • retail regular price optimization 16.0.3,
  • retail replenishment optimization 15.0.3,
  • retail returns management 14.0,
  • retail returns management 14.1,
  • retail service backbone 14.1.3.2,
  • retail service backbone 15.0,
  • retail service backbone 15.0.4.0,
  • retail service backbone 16.0,
  • retail service backbone 16.0.3.0,
  • retail service backbone 19.0.1.0,
  • retail size profile optimization 15.0.3,
  • retail size profile optimization 16.0.3,
  • retail store inventory management 14.0.4,
  • retail store inventory management 14.1,
  • retail store inventory management 14.1.3,
  • retail store inventory management 15.0,
  • retail store inventory management 15.0.3,
  • retail store inventory management 16.0,
  • retail store inventory management 16.0.3,
  • retail xstore point of service 15.0.4,
  • retail xstore point of service 16.0.6,
  • retail xstore point of service 17.0.4,
  • retail xstore point of service 18.0.3,
  • retail xstore point of service 19.0.2,
  • timesten in-memory database,
  • timesten in-memory database 11.2.2.8.49,
  • ubuntu linux 19.10,
  • utilities framework,
  • utilities framework 2.2.0.0.0,
  • utilities framework 4.2.0.2.0,
  • utilities framework 4.2.0.3.0,
  • utilities framework 4.4.0.0.0,
  • utilities framework 4.4.0.2.0

References

Canonical
CVE-2020-1945 (https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1945)
Advisory
[creadur-dev] 20200518 [jira] [Created] (RAT-269) Fix CVE-2020-1945: Apache Ant insecure temporary file vulnerability by updating to latest ANT (https://lists.apache.org/thread.html/rda80ac59119558eaec452e58ddfac2ccc9211da1c65f7927682c78b1@%3Cdev.creadur.apache.org%3E)
[creadur-commits] 20200518 [creadur-rat] 03/03: RAT-269: Update Apache ANT to fix CVE-2020-1945 (https://lists.apache.org/thread.html/rfd346609527a79662c48b1da3ac500ec30f29f7ddaa3575051e81890@%3Ccommits.creadur.apache.org%3E)
[creadur-commits] 20200518 [creadur-rat] branch master updated: RAT-269: Update Apache ANT to fix CVE-2020-1945 (https://lists.apache.org/thread.html/re1ce84518d773a94a613d988771daf9252c9cf7375a9a477009f9735@%3Ccommits.creadur.apache.org%3E)
[creadur-dev] 20200518 [jira] [Closed] (RAT-269) Fix CVE-2020-1945: Apache Ant insecure temporary file vulnerability by updating to latest ANT (https://lists.apache.org/thread.html/r95dc943e47a211d29df605e14f86c280fc9fa8d828b2b53bd07673c9@%3Cdev.creadur.apache.org%3E)
[creadur-dev] 20200518 [jira] [Commented] (RAT-269) Fix CVE-2020-1945: Apache Ant insecure temporary file vulnerability by updating to latest ANT (https://lists.apache.org/thread.html/rd7dda48ff835f4d0293949837d55541bfde3683bd35bd8431e324538@%3Cdev.creadur.apache.org%3E)
[creadur-dev] 20200518 [jira] [Assigned] (RAT-269) Fix CVE-2020-1945: Apache Ant insecure temporary file vulnerability by updating to latest ANT (https://lists.apache.org/thread.html/r1863b9ce4c3e4b1e5b0c671ad05545ba3eb8399616aa746af5dfe1b1@%3Cdev.creadur.apache.org%3E)
[groovy-notifications] 20200522 [jira] [Closed] (GROOVY-9552) Bump Ant versions to address: [CVE-2020-1945] Apache Ant insecure temporary file vulnerability (https://lists.apache.org/thread.html/rdaa9c51d5dc6560c9d2b3f3d742c768ad0705e154041e574a0fae45c@%3Cnotifications.groovy.apache.org%3E)
[hive-dev] 20200530 [jira] [Created] (HIVE-23583) Fix CVE-2020-1945: Apache Ant insecure temporary file vulnerability by updating to latest ANT (https://lists.apache.org/thread.html/r1b32c76afffcf676e13ed635a3332f3e46e6aaa7722eb3fc7a28f58e@%3Cdev.hive.apache.org%3E)
[hive-issues] 20200530 [jira] [Assigned] (HIVE-23583) Fix CVE-2020-1945: Apache Ant insecure temporary file vulnerability by updating to latest ANT (https://lists.apache.org/thread.html/r0d08a96ba9de8aa435f32944e8b2867c368a518d4ff57782e3637335@%3Cissues.hive.apache.org%3E)
[hive-issues] 20200530 [jira] [Updated] (HIVE-23583) Fix CVE-2020-1945: Apache Ant insecure temporary file vulnerability by updating to latest ANT (https://lists.apache.org/thread.html/r4b2904d64affd4266cd72ccb2fc3927c1c2f22009f183095aa46bf90@%3Cissues.hive.apache.org%3E)
[hive-issues] 20200530 [jira] [Commented] (HIVE-23583) Fix CVE-2020-1945: Apache Ant insecure temporary file vulnerability by updating to latest ANT (https://lists.apache.org/thread.html/r6edd3e2cb79ee635630d891b54a4f1a9cd8c7f639d6ee34e75fbe830@%3Cissues.hive.apache.org%3E)
USN-4380-1 (https://usn.ubuntu.com/4380-1)
FEDORA-2020-52741b0a49 (https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RRVAWTCVXJMRYKQKEXYSNBF7NLSR6OEI)
FEDORA-2020-7f07da3fef (https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/EQBR65TINSJRN7PTPIVNYS33P535WM74)
[hive-issues] 20200621 [jira] [Commented] (HIVE-23583) Fix CVE-2020-1945: Apache Ant insecure temporary file vulnerability by updating to latest ANT (https://lists.apache.org/thread.html/r8e24abb7dd77cda14c6df90a377c94f0a413bbfcec90a29540ff8adf@%3Cissues.hive.apache.org%3E)
[creadur-dev] 20200703 [jira] [Commented] (RAT-269) Fix CVE-2020-1945: Apache Ant insecure temporary file vulnerability by updating to latest ANT (https://lists.apache.org/thread.html/r2704fb14ce068c64759a986f81d5b5e42ab434fa13d0f444ad52816b@%3Cdev.creadur.apache.org%3E)
[db-torque-dev] 20200715 svn commit: r1879896 - in /db/torque/torque4/trunk: ./ torque-ant-tasks/ torque-ant-tasks/src/test/java/org/apache/torque/ant/task/ torque-generator/src/main/java/org/apache/torque/generator/control/ torque-generator/src/main/java/org/apache/torque/gen... (https://lists.apache.org/thread.html/r6e295d792032ec02b32be3846c21a58857fba4a077d22c5842d69ba2@%3Ctorque-dev.db.apache.org%3E)
http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00053.html
GLSA-202007-34 (https://security.gentoo.org/glsa/202007-34)
[hive-issues] 20200804 [jira] [Commented] (HIVE-23583) Fix CVE-2020-1945: Apache Ant insecure temporary file vulnerability by updating to latest ANT (https://lists.apache.org/thread.html/r815f88d1044760176f30a4913b4baacd06f3eae4eb662de7388e46d8@%3Cissues.hive.apache.org%3E)
[myfaces-commits] 20200826 [myfaces-tobago] branch tobago-2.x updated: update ant because of CVE-2020-1945 (https://lists.apache.org/thread.html/r5dfc77048b1f9db26622dce91a6edf083d499397256594952fad5f35@%3Ccommits.myfaces.apache.org%3E)
USN-4380-1 (https://usn.ubuntu.com/4380-1/)
FEDORA-2020-52741b0a49 (https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RRVAWTCVXJMRYKQKEXYSNBF7NLSR6OEI/)
FEDORA-2020-7f07da3fef (https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/EQBR65TINSJRN7PTPIVNYS33P535WM74/)
[ant-dev] 20200930 [CVE-2020-11979] Apache Ant insecure temporary file vulnerability (https://lists.apache.org/thread.html/rc3c8ef9724b5b1e171529b47f4b35cb7920edfb6e917fa21eb6c64ea@%3Cdev.ant.apache.org%3E)
[announce] 20200930 [CVE-2020-11979] Apache Ant insecure temporary file vulnerability (https://lists.apache.org/thread.html/rb8ec556f176c83547b959150e2108e2ddf1d61224295941908b0a81f@%3Cannounce.apache.org%3E)
[ant-user] 20200930 [CVE-2020-11979] Apache Ant insecure temporary file vulnerability (https://lists.apache.org/thread.html/rc89e491b5b270fb40f1210b70554527b737c217ad2e831b643ead6bc@%3Cuser.ant.apache.org%3E)
[creadur-dev] 20200930 [jira] [Updated] (RAT-274) Update to at least Ant 1.10.8/1.9.15 in order to fix CVE-2020-11979 (https://lists.apache.org/thread.html/rf07feaf78afc8f701e21948a06ef92565d3dff1242d710f4fbf900b2@%3Cdev.creadur.apache.org%3E)
[creadur-dev] 20200930 [jira] [Created] (RAT-274) Update to latest Ant in order to fix CVE-2020-11979 (https://lists.apache.org/thread.html/r1a9c992d7c8219dc15b4ad448649f0ffdaa88d76ef6a0035c49455f5@%3Cdev.creadur.apache.org%3E)
[oss-security] 20200930 [CVE-2020-11979] Apache Ant insecure temporary file vulnerability (http://www.openwall.com/lists/oss-security/2020/09/30/6)
[creadur-dev] 20201006 [jira] [Commented] (RAT-274) Update to at least Ant 1.10.8/1.9.15 in order to fix CVE-2020-11979 (https://lists.apache.org/thread.html/r1dc8518dc99c42ecca5ff82d0d2de64cd5d3a4fa691eb9ee0304781e@%3Cdev.creadur.apache.org%3E)
[creadur-dev] 20201006 [jira] [Assigned] (RAT-274) Update to at least Ant 1.10.8/1.9.15 in order to fix CVE-2020-11979 (https://lists.apache.org/thread.html/r4ca33fad3fb39d130cda287d5a60727d9e706e6f2cf2339b95729490@%3Cdev.creadur.apache.org%3E)
[creadur-dev] 20201006 [jira] [Updated] (RAT-274) Update to at least Ant 1.10.8/1.9.15 in order to fix CVE-2020-11979 (https://lists.apache.org/thread.html/r107ea1b1a7a214bc72fe1a04207546ccef542146ae22952e1013b5cc@%3Cdev.creadur.apache.org%3E)
[creadur-dev] 20201006 [jira] [Updated] (RAT-274) Update to at least Ant 1.10.8/1.9.15 in order to fix CVE-2020-11979 / raise compiler level to JDK8 (https://lists.apache.org/thread.html/r2306b67f20c24942b872b0a41fbdc9330e8467388158bcd19c1094e0@%3Cdev.creadur.apache.org%3E)
[creadur-dev] 20201006 [jira] [Resolved] (RAT-274) Update to at least Ant 1.10.8/1.9.15 in order to fix CVE-2020-11979 / raise compiler level to JDK8 (https://lists.apache.org/thread.html/r5e1cdd79f019162f76414708b2092acad0a6703d666d72d717319305@%3Cdev.creadur.apache.org%3E)
[hive-issues] 20201022 [jira] [Commented] (HIVE-23583) Fix CVE-2020-1945: Apache Ant insecure temporary file vulnerability by updating to latest ANT (https://lists.apache.org/thread.html/r3cea0f3da4f6d06d7afb6c0804da8e01773a0f50a09b8d9beb2cda65@%3Cissues.hive.apache.org%3E)
[groovy-notifications] 20201126 [jira] [Updated] (GROOVY-9552) Bump Ant versions to address: [CVE-2020-1945] Apache Ant insecure temporary file vulnerability (https://lists.apache.org/thread.html/r6030d34ceacd0098538425c5dac8251ffc7fd90b886942bc7ef87858@%3Cnotifications.groovy.apache.org%3E)
[groovy-notifications] 20201126 [jira] [Comment Edited] (GROOVY-9552) Bump Ant versions to address: [CVE-2020-1945] Apache Ant insecure temporary file vulnerability (https://lists.apache.org/thread.html/rce099751721c26a8166d8b6578293820832831a0b2cb8d93b8efa081@%3Cnotifications.groovy.apache.org%3E)
[groovy-commits] 20201126 [groovy] branch GROOVY_2_4_X updated: GROOVY-9552: Bump Ant versions to address: [CVE-2020-1945] Apache Ant insecure temporary file vulnerability (https://lists.apache.org/thread.html/r6970d196cd73863dafdbc3a7052562deedd338e3bd7d73d8171d92d6@%3Ccommits.groovy.apache.org%3E)
[groovy-users] 20201205 [SECURITY] CVE-2020-17521: Apache Groovy Information Disclosure (https://lists.apache.org/thread.html/ra12c3e23b021f259a201648005b9946acd7f618a6f32301c97047967@%3Cusers.groovy.apache.org%3E)
[groovy-dev] 20201205 [SECURITY] CVE-2020-17521: Apache Groovy Information Disclosure (https://lists.apache.org/thread.html/ra12c3e23b021f259a201648005b9946acd7f618a6f32301c97047967@%3Cdev.groovy.apache.org%3E)
[oss-security] 20201206 [CVE-2020-17521]: Apache Groovy Information Disclosure (http://www.openwall.com/lists/oss-security/2020/12/06/1)
[announce] 20201205 [SECURITY] CVE-2020-17521: Apache Groovy Information Disclosure (https://lists.apache.org/thread.html/ra12c3e23b021f259a201648005b9946acd7f618a6f32301c97047967@%3Cannounce.apache.org%3E)
[groovy-notifications] 20201207 [jira] [Closed] (GROOVY-9824) CVE-2020-17521 Apache Groovy Information Disclosure (https://lists.apache.org/thread.html/ra9dab34bf8625511f23692ad0fcee2725f782e9aad6c5cdff6cf4465@%3Cnotifications.groovy.apache.org%3E)
[myfaces-commits] 20201211 [myfaces-tobago] 02/22: update ant because of CVE-2020-1945 (https://lists.apache.org/thread.html/rb860063819b9c0990e1fbce29d83f4554766fe5a05e3b3939736bf2b@%3Ccommits.myfaces.apache.org%3E)
[creadur-dev] 20210419 [jira] [Commented] (RAT-274) Update to at least Ant 1.10.8/1.9.15 in order to fix CVE-2020-11979 / raise compiler level to JDK8 (https://lists.apache.org/thread.html/raaeddc41da8f3afb1cb224876084a45f68e437a0afd9889a707e4b0c@%3Cdev.creadur.apache.org%3E)
[creadur-dev] 20210621 [jira] [Commented] (RAT-274) Update to at least Ant 1.10.8/1.9.15 in order to fix CVE-2020-11979 / raise compiler level to JDK8 (https://lists.apache.org/thread.html/rbfe9ba28b74f39f46ec1bbbac3bef313f35017cf3aac13841a84483a@%3Cdev.creadur.apache.org%3E)
Miscellaneous
https://www.oracle.com/security-alerts/cpujul2020.html
https://lists.apache.org/thread.html/r8e592bbfc016a5dbe2a8c0e81ff99682b9c78c453621b82c14e7b75e%40%3Cdev.ant.apache.org%3E
https://www.oracle.com/security-alerts/cpuoct2020.html
https://www.oracle.com/security-alerts/cpujan2021.html
https://www.oracle.com/security-alerts/cpuApr2021.html
https://www.oracle.com//security-alerts/cpujul2021.html
https://www.oracle.com/security-alerts/cpuoct2021.html
https://www.oracle.com/security-alerts/cpujan2022.html

Additional Info

Authenticated
Unknown
Exploitable
Unknown
Reliability
Unknown
Stability
Unknown
Available Mitigations
Unknown
Shelf Life
Unknown
Userbase/Installbase
Unknown
Patch Effectiveness
Unknown
Technical Analysis