CVE-2021-21429
Information Disclosure vulnerability in openapi-generator-maven-plugin (Maven)
What is CVE-2021-21429 About?
This vulnerability affects OpenAPI Generator Maven plug-in and results in the creation of insecure temporary files. These files can be read by any local user on Unix-like systems, leading to sensitive information disclosure. Exploitation is straightforward for local attackers.
Affected Software
Technical Details
The OpenAPI Generator Maven plug-in creates insecure temporary files during the code generation process when it uses the JDK's File.createTempFile on Unix-like systems. The vulnerability arises because File.createTempFile on these systems generates temporary files in a shared system temporary directory with permissions that allow other local users to read their contents. The plug-in uses these temporary files to store OpenAPI specification files provided by users. Consequently, any local user on the system can read the contents of these specification files, leading to information disclosure of potentially sensitive application and system data. This flaw does not affect Windows or modern macOS due to their different temporary file handling mechanisms.
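The following is an added illustration, not code from the openapi-generator project: it shows the insecure File.createTempFile pattern beside the standard mitigation, java.nio.file.Files.createTempFile, which creates the file with owner-only permissions on POSIX file systems, plus a permission check a hardening test can assert on. It assumes Java 11+ on a Unix-like system; the spec content and the class/method names are constructed for the demo.

```java
import java.io.File;
import java.io.IOException;
import java.nio.file.Files;
import java.nio.file.Path;
import java.nio.file.attribute.PosixFilePermission;
import java.nio.file.attribute.PosixFilePermissions;
import java.util.Set;

public class TempSpecFileDemo {

    // Insecure pattern: java.io.File.createTempFile honours only the process umask,
    // so with a typical umask of 022 the file lands in the shared temp directory
    // as rw-r--r-- and any local user can read the spec that is copied into it.
    static Path insecureTempSpec(String specContent) throws IOException {
        File f = File.createTempFile("openapi-spec", ".yaml");
        f.deleteOnExit();
        Files.writeString(f.toPath(), specContent);
        return f.toPath();
    }

    // Hardened pattern: java.nio.file.Files.createTempFile creates the file with
    // owner-only permissions (rw-------) on POSIX file systems, so other local
    // users cannot read the spec even though the directory itself is shared.
    static Path secureTempSpec(String specContent) throws IOException {
        Path p = Files.createTempFile("openapi-spec", ".yaml");
        p.toFile().deleteOnExit();
        Files.writeString(p, specContent);
        return p;
    }

    // Check for a hardening test: true only when no group/other bit is set.
    // Requires a POSIX file system (throws UnsupportedOperationException on Windows).
    static boolean isOwnerOnly(Path p) throws IOException {
        Set<PosixFilePermission> perms = Files.getPosixFilePermissions(p);
        for (PosixFilePermission perm : perms) {
            if (!perm.name().startsWith("OWNER_")) return false;
        }
        return true;
    }

    public static void main(String[] args) throws IOException {
        String spec = "openapi: 3.0.0\ninfo:\n  title: demo\n  version: '1'\n"; // constructed sample
        Path bad = insecureTempSpec(spec);
        Path good = secureTempSpec(spec);
        System.out.println(bad + " -> " + PosixFilePermissions.toString(Files.getPosixFilePermissions(bad))
            + " ownerOnly=" + isOwnerOnly(bad));
        System.out.println(good + " -> " + PosixFilePermissions.toString(Files.getPosixFilePermissions(good))
            + " ownerOnly=" + isOwnerOnly(good));
    }
}
```

With the default umask the first line typically reports rw-r--r-- ownerOnly=false and the second rw------- ownerOnly=true, which is exactly the difference the advisory describes.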
What is the Impact of CVE-2021-21429?
Successful exploitation may allow attackers to gain unauthorized access to sensitive information, leading to the disclosure of application and system data.
What is the Exploitability of CVE-2021-21429?
Exploitation of this vulnerability requires local access to the system. An attacker with a low-privileged local user account can simply read the contents of the insecurely created temporary files. There are no authentication requirements beyond logging into the system. The vulnerability is local, not remote. Special conditions include the use of the OpenAPI Generator Maven plug-in on a Unix-like system. The risk factor increases in multi-user environments where untrusted users have local access to the system where the plug-in is run, allowing them to easily access sensitive specification file data.
What are the Known Public Exploits?
| PoC Author | Link | Commentary |
|---|---|---|
| No known exploits | | |
What are the Available Fixes for CVE-2021-21429?
Available Upgrade Options
- org.openapitools:openapi-generator-maven-plugin
- <5.1.0 → Upgrade to 5.1.0
Additional Resources
- https://github.com/OpenAPITools/openapi-generator/blob/06ad7a51eff04393203cfa715e54e1fb59d984fe/modules/openapi-generator-maven-plugin/src/main/java/org/openapitools/codegen/plugin/CodeGenMojo.java#L782-L799
- https://nvd.nist.gov/vuln/detail/CVE-2021-21429
- https://github.com/OpenAPITools/openapi-generator/security/advisories/GHSA-867q-77cc-98mv
- https://github.com/OpenAPITools/openapi-generator/pull/8795
- https://osv.dev/vulnerability/GHSA-867q-77cc-98mv
What are Similar Vulnerabilities to CVE-2021-21429?
Similar Vulnerabilities: CVE-2021-20191, CVE-2022-2144, CVE-2022-45097, CVE-2022-2357, CVE-2021-23611
