
CVE-2020-8908: Guava Temporary Directory Permission Information Disclosure Vulnerability

CVSS Score (v3.1): 3.3

Basic Information

EPSS Score: 0.19656%
Published: 3/25/2021
Updated: 11/9/2023
KEV Status: No
Technology: Java

Technical Details

CVSS Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

Package Name: com.google.guava:guava
Ecosystem: maven
Vulnerable Versions: < 32.0.0-android
First Patched Version: 32.0.0-android

Vulnerability Intelligence
Root Cause Analysis

CVE-2020-8908 concerns the creation of temporary directories (and, by extension, temporary files) with insecure default permissions in Guava: the resources are created under java.io.tmpdir with a mode derived from the process umask rather than an explicitly restrictive one, so on a Unix-like system with the usual umask of 022 they end up readable by every local user.

  1. The primary function named in the vulnerability description is com.google.common.io.Files.createTempDir. The patch feb83a1c8fd2e7670b244d5afd23cba5aca43284 removes the insecure implementation (a loop that tried File.mkdir() on candidate names under java.io.tmpdir and accepted the first that succeeded, with no permission handling at all) and replaces it with a call to a new TempFileCreator, which requests owner-only permissions at creation time on platforms that support them.
  2. The same commit also modifies com.google.common.io.FileBackedOutputStream. Its private update method, which creates a temporary file once buffered data exceeds the configured threshold during a write, previously called java.io.File.createTempFile directly; that API likewise leaves the file mode to the umask (typically 0644), so a spilled buffer could be read by other local users. The commit message explicitly ties the FileBackedOutputStream change to the fix for CVE-2020-8908. Both functions, in their pre-patch state, created filesystem resources in the system temporary directory without ensuring restrictive permissions, exposing their contents to other local users on the machine (which is what the CVSS vector encodes: local access, low privileges, confidentiality impact only).
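The two patterns side by side, as an added example that is not Guava's source and not part of the original page: createTempDirInsecure reproduces the shape of the pre-patch createTempDir loop (File.mkdir under java.io.tmpdir), createTempFileInsecure the pre-patch FileBackedOutputStream call, and the *Secure variants use the java.nio.file API with owner-only permissions passed atomically at creation, which is the same approach Guava's TempFileCreator takes on POSIX. The class name, method names and the "guava-demo-" prefix are this example's own choices, and the permission check requires a POSIX filesystem (Files.getPosixFilePermissions throws UnsupportedOperationException on Windows).

```java
import java.io.File;
import java.io.IOException;
import java.nio.file.Files;
import java.nio.file.Path;
import java.nio.file.attribute.PosixFilePermission;
import java.nio.file.attribute.PosixFilePermissions;
import java.util.EnumSet;
import java.util.Set;

/**
 * Added example (not Guava's code): contrasts umask-dependent temp-resource
 * creation with explicit owner-only permissions, then inspects the result.
 * Run on a Unix-like system with umask 022 to see the insecure variants
 * come out 0755 / 0644.
 */
public class TempDirDemo {

    /** Vulnerable pattern, modelled on pre-patch Files.createTempDir():
     *  File.mkdir() applies the process umask, so the directory is
     *  typically created 0755, readable and listable by every local user. */
    static File createTempDirInsecure() {
        File baseDir = new File(System.getProperty("java.io.tmpdir"));
        String baseName = System.currentTimeMillis() + "-";
        for (int counter = 0; counter < 10000; counter++) {
            File tempDir = new File(baseDir, baseName + counter);
            if (tempDir.mkdir()) {
                return tempDir;
            }
        }
        throw new IllegalStateException("Failed to create directory within 10000 attempts");
    }

    /** Hardened pattern: permissions are supplied as a creation attribute,
     *  so the directory never exists with a umask-derived mode, not even
     *  for the instant between mkdir and a follow-up chmod. */
    static Path createTempDirSecure() throws IOException {
        Set<PosixFilePermission> ownerOnly = PosixFilePermissions.fromString("rwx------");
        return Files.createTempDirectory("guava-demo-", PosixFilePermissions.asFileAttribute(ownerOnly));
    }

    /** Vulnerable pattern, as in pre-patch FileBackedOutputStream.update():
     *  File.createTempFile() opens with mode 0666 & ~umask, typically 0644. */
    static File createTempFileInsecure() throws IOException {
        return File.createTempFile("FileBackedOutputStream", null);
    }

    /** Hardened counterpart for files: owner read/write only. */
    static Path createTempFileSecure() throws IOException {
        Set<PosixFilePermission> ownerOnly = PosixFilePermissions.fromString("rw-------");
        return Files.createTempFile("FileBackedOutputStream", null,
                PosixFilePermissions.asFileAttribute(ownerOnly));
    }

    /** True if any group or other permission bit is set, i.e. another local
     *  user could read, write or traverse the resource. */
    static boolean isGroupOrWorldAccessible(Path p) throws IOException {
        Set<PosixFilePermission> perms = Files.getPosixFilePermissions(p);
        Set<PosixFilePermission> ownerOnly = EnumSet.of(
                PosixFilePermission.OWNER_READ,
                PosixFilePermission.OWNER_WRITE,
                PosixFilePermission.OWNER_EXECUTE);
        return !ownerOnly.containsAll(perms);
    }

    public static void main(String[] args) throws IOException {
        Path[] created = {
            createTempDirInsecure().toPath(),
            createTempDirSecure(),
            createTempFileInsecure().toPath(),
            createTempFileSecure()
        };
        for (Path p : created) {
            String mode = PosixFilePermissions.toString(Files.getPosixFilePermissions(p));
            String verdict = isGroupOrWorldAccessible(p) ? "  (exposed to other local users)" : "";
            System.out.printf("%s -> %s%s%n", p, mode, verdict);
            Files.delete(p); // clean up so the demo leaves nothing behind
        }
    }
}
```

A practical caveat that follows from the check above: the insecure variants are only "safe" when the process umask or the java.io.tmpdir location happens to be restrictive, which is an environmental accident rather than a property of the code, so a code review or a static rule should flag File.mkdir()/File.createTempFile() in temp directories regardless of the deployment's current umask.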


