6.3

CVSS Score

3.1

Basic Information

CVE ID

CVE-2021-31411

GHSA ID

GHSA-p826-8vhq-h439

EPSS Score

0.15058%

CWE

CWE-379

Published

5/6/2021

Updated

2/1/2023

KEV Status

Technology

Java

Concerned about an active attack path?

Talk to our security experts and see Miggo in action.

Miggo Vulnerability Database

→

CVE-2021-31411

CVE-2021-31411:
Insecure temporary directory usage in frontend build functionality of Vaadin 14 and 15-19

Insecure temporary directory usage in frontend build functionality of com.vaadin:flow-server versions 2.0.9 through 2.5.2 (Vaadin 14.0.3 through Vaadin 14.5.2), 3.0 prior to 6.0 (Vaadin 15 prior to 19), and 6.0.0 through 6.0.5 (Vaadin 19.0.0 through 19.0.4) allows local users to inject malicious code into frontend resources during application rebuilds.

https://vaadin.com/security/cve-2021-31411

(GitHub Advisory)

6.3

CVSS Score

3.1

Basic Information

CVE ID

CVE-2021-31411

GHSA ID

GHSA-p826-8vhq-h439

EPSS Score

0.15058%

CWE

CWE-379

Published

5/6/2021

Updated

2/1/2023

KEV Status

Technology

Java

Technical Details

CVSS Vector

CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N

Package Name	Ecosystem	Vulnerable Versions	First Patched Version
com.vaadin:vaadin-bom	maven	>= 14.0.3, <= 14.5.2	14.5.3
com.vaadin:vaadin-bom	maven	>= 15.0.0, <= 19.0.2	19.0.5

Vulnerability Intelligence
Miggo AI

Root Cause Analysis

The vulnerability stems from using the OS's default temp directory (CWE-379) for frontend build resources. FrontendUtils.getBaseDir() was identified as the entry point for temp directory resolution in Vaadin's build process, using System.getProperty("java.io.tmpdir") in vulnerable versions. The ensureDirectoryExists method would then create directories with broad permissions. Patches likely modified these functions to use application-specific temp directories with secure permissions. These functions would appear in stack traces during frontend rebuild operations where temporary directory handling occurs.

Vulnerable functions

Only Mi**o us*rs **n s** t*is s**tion

WAF Protection Rules

WAF Rule

Ins**ur* t*mpor*ry *ir**tory us*** in *ront*n* *uil* *un*tion*lity o* `*om.v***in:*low-s*rv*r` v*rsions *.*.* t*rou** *.*.* (V***in **.*.* t*rou** V***in **.*.*), *.* prior to *.* (V***in ** prior to **), *n* *.*.* t*rou** *.*.* (V***in **.*.* t*rou*

Reasoning

T** vuln*r**ility st*ms *rom usin* t** OS's ****ult t*mp *ir**tory (*W*-***) *or *ront*n* *uil* r*sour**s. *ront*n*Utils.**t**s**ir() w*s i**nti*i** *s t** *ntry point *or t*mp *ir**tory r*solution in V***in's *uil* pro**ss, usin* Syst*m.**tProp*rty(

6.3

Basic Information

Concerned about an active attack path?

CVE-2021-31411: Insecure temporary directory usage in frontend build functionality of Vaadin 14 and 15-19

6.3

Basic Information

Technical Details

Vulnerability IntelligenceMiggo AI

Root Cause Analysis

Vulnerable functions

WAF Protection Rules

WAF Rule

Reasoning

CVE-2021-31411:
Insecure temporary directory usage in frontend build functionality of Vaadin 14 and 15-19

Vulnerability Intelligence
Miggo AI