MPXJ Temp File Permission Leak - Fixed in v10.14.1
CVE-2022-41954 Published on November 25, 2022
Temporary File Information Disclosure Vulnerability
MPXJ is an open source library to read and write project plans from a variety of file formats and databases. On Unix-like operating systems (not Windows or macos), MPXJ's use of `File.createTempFile(..)` results in temporary files being created with the permissions `-rw-r--r--`. This means that any other user on the system can read the contents of this file. When MPXJ is reading a schedule file which requires the creation of a temporary file or directory, a knowledgeable local user could locate these transient files while they are in use and would then be able to read the schedule being processed by MPXJ. The problem has been patched, MPXJ version 10.14.1 and later includes the necessary changes. Users unable to upgrade may set `java.io.tmpdir` to a directory to which only the user running the application has access will prevent other users from accessing these temporary files.
Vulnerability Analysis
CVE-2022-41954 is exploitable with local system access, and requires small amount of user privileges. This vulnerability is considered to have a low attack complexity. The potential impact of an exploit of this vulnerability is considered to have a small impact on confidentiality, a small impact on integrity and availability.
Weakness Types
What is an Information Disclosure Vulnerability?
The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.
CVE-2022-41954 has been classified to as an Information Disclosure vulnerability or weakness.
Insecure Temporary File
Creating and using insecure temporary files can leave application and system data vulnerable to attack.
Products Associated with CVE-2022-41954
Want to know whenever a new CVE is published for Mpxj? stack.watch will email you.
Affected Versions
joniles mpxj Version < 10.14.1 is affected by CVE-2022-41954Vulnerable Packages
The following package name and versions may be associated with CVE-2022-41954
| Package Manager | Vulnerable Package | Versions | Fixed In |
|---|---|---|---|
| maven | net.sf.mpxj:mpxj | < 10.14.1 | 10.14.1 |
| nuget | net.sf.mpxj | < 10.14.1 | 10.14.1 |
| nuget | net.sf.mpxj-for-csharp | < 10.14.1 | 10.14.1 |
| nuget | net.sf.mpxj-for-vb | < 10.14.1 | 10.14.1 |
| pip | mpxj | < 10.14.1 | 10.14.1 |
Exploit Probability
EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.