CVE-2014-4651

9.8 CRITICAL

📋 TL;DR

CVE-2014-4651 is a path traversal vulnerability in Apache jclouds where the scriptbuilder Statements class writes temporary files to predictable locations. This allows attackers to access sensitive data, cause denial of service, or perform other attacks by manipulating predictable file paths. Systems using vulnerable versions of Apache jclouds are affected.

💻 Affected Systems

Products:
  • Apache jclouds
Versions: Versions prior to 1.7.0
Operating Systems: All operating systems running Java
Default Config Vulnerable: ⚠️ Yes
Notes: Affects all deployments using the vulnerable scriptbuilder Statements class functionality.

⚠️ Risk & Real-World Impact

🔴 Worst Case

Full system compromise through arbitrary code execution by overwriting critical system files or sensitive configuration files.

🟠 Likely Case

Information disclosure of sensitive data from temporary files or denial of service by corrupting critical files.

🟢 If Mitigated

Limited impact with proper file permissions and isolation, though predictable paths remain a risk.

🌐 Internet-Facing: HIGH - Exploitable remotely if jclouds services are exposed to untrusted networks.
🏢 Internal Only: MEDIUM - Requires internal access but predictable paths make exploitation easier.

🎯 Exploit Status

Public PoC: ⚠️ Yes
Weaponized: LIKELY
Unauthenticated Exploit: ✅ No
Complexity: LOW

Exploitation requires knowledge of the predictable file paths and ability to write to those locations.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Apache jclouds 1.7.0 and later

Vendor Advisory: https://issues.apache.org/jira/browse/JCLOUDS-612

Restart Required: Yes

Instructions:

1. Upgrade Apache jclouds to version 1.7.0 or later.
2. Update all dependencies to use the patched version.
3. Restart all services using jclouds.

🔧 Temporary Workarounds

Secure temporary directory permissions (linux)

Restrict write permissions on temporary directories used by jclouds:

chmod 700 /tmp/jclouds_temp
chown root:root /tmp/jclouds_temp

Use secure temporary directory (all platforms)

Configure jclouds to use a secure, non-predictable temporary directory:

export JCLOUDS_TEMP_DIR=$(mktemp -d)

🧯 If You Can't Patch

  • Implement strict file permission controls on temporary directories
  • Isolate jclouds services in containers or VMs with restricted filesystem access

🔍 How to Verify

Check if Vulnerable:

Check the jclouds version: run grep -r 'jclouds' pom.xml, or check the Maven dependencies for versions < 1.7.0.

Check Version:

mvn dependency:tree | grep jclouds

Verify Fix Applied:

Verify jclouds version is 1.7.0 or higher and check that temporary files are no longer written to predictable locations
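
The version check above can be automated over `mvn dependency:tree` output. This is an added example, not code from this page or from the jclouds project; the function name `find_vulnerable_jclouds` is hypothetical, the sample tree is constructed, and it assumes Maven's `group:artifact:type:version:scope` coordinate layout.

```shell
#!/usr/bin/env bash
# Added example: list jclouds artifacts older than 1.7.0 found in
# `mvn dependency:tree` output (read from stdin).
# Assumption: coordinates look like group:artifact:type[:classifier]:version:scope.
# Qualifiers such as -incubating or -SNAPSHOT are ignored when comparing.

# Prints "group:artifact version" per affected artifact.
# Exit status: 1 if any affected artifact was found, 0 otherwise.
find_vulnerable_jclouds() {
  awk '
    {
      for (i = 1; i <= NF; i++) {
        n = split($i, c, ":")
        if (n < 5) continue                      # not a full dependency coordinate
        # Match org.apache.jclouds, its sub-groups, and the pre-Apache org.jclouds.
        if (c[1] !~ /^org\.(apache\.)?jclouds(\.|$)/) continue
        ver = c[n - 1]                           # version precedes the scope
        base = ver
        sub(/-.*/, "", base)                     # strip the qualifier
        split(base, p, ".")
        major = p[1] + 0
        minor = p[2] + 0
        if (major < 1 || (major == 1 && minor < 7)) {
          print c[1] ":" c[2], ver
          bad = 1
        }
      }
    }
    END { exit (bad ? 1 : 0) }
  '
}

# Constructed sample of dependency:tree output (not taken from a real project).
SAMPLE_TREE='[INFO] com.example:demo-app:jar:1.0.0
[INFO] +- org.apache.jclouds:jclouds-scriptbuilder:jar:1.6.2-incubating:compile
[INFO] |  \- org.apache.jclouds:jclouds-core:jar:1.6.2-incubating:compile
[INFO] +- org.apache.jclouds:jclouds-compute:jar:1.7.0:compile
[INFO] \- com.google.guava:guava:jar:15.0:compile'

# Demo run on the sample; in a project use: mvn dependency:tree | find_vulnerable_jclouds
printf '%s\n' "$SAMPLE_TREE" | find_vulnerable_jclouds || true
```

The non-zero exit status on a match lets the function gate a CI step, and transitive dependencies are covered because the whole tree is scanned.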

📡 Detection & Monitoring

Log Indicators:

  • Unauthorized file access attempts in /tmp directories
  • Unexpected file creation in predictable temporary paths

Network Indicators:

  • Unusual outbound connections from jclouds services

SIEM Query:

source="jclouds.log" AND (event="FileAccess" OR event="TempFileCreation")
