Search criteria
2 vulnerabilities
CVE-2021-42718 (GCVE-0-2021-42718)
Vulnerability from cvelistv5 – Published: 2025-01-23 22:45 – Updated: 2025-01-24 14:22
VLAI?
Summary
Information Disclosure in API in Replicated Replicated Classic versions prior to 2.53.1 on all platforms allows authenticated users with Admin Console access to retrieve sensitive data, including application secrets, via accessing container definitions with environment variables through the Admin Console API on port 8800.
This CVE was originally reserved in 2021 and later publicly disclosed by Replicated on their website on 21 October 2021. However, it mistakenly remained in the Reserved But Public (RBP) status with the CVE Numbering Authority (CNA). Please note that this product reached its end of life on 31 December 2024. Publishing this CVE with the CNA was required to comply with CNA rules, despite the fact that the issue was disclosed and fixed four years ago, and the affected product is no longer supported as of 2024.
Summary of VulnerabilityThis advisory discloses a low severity security vulnerability in the versions of Replicated Classic listed above (“Affected Replicated Classic Versions”)
DescriptionReplicated Classic versions prior to 2.53.1 have an authenticated API from the Replicated Admin Console that may expose sensitive data including application secrets, depending on how the application manifests are written. A user with valid credentials and access to the Admin Console port (8800) on the Replicated Classic server can retrieve container definitions including environment variables which may contain passwords and other secrets depending on how the application is configured.
This data is shared over authenticated sessions to the Admin Console only, and was never displayed or used in the application processing. To remediate this issue, we removed the sensitive data from the API, sending only the data to the Admin Console that was needed.
TimelineThis issue was discovered during a security review on 16 September 2021.
Patched versions were released on 23 September 2021.
This advisory was published on 21 October 2021.
The CVE Numbering Authority (CNA) notified Replicated on 23 January 2025 that the CVE was still in Reserved But Public (RBP) status. Upon discovering the oversight in updating the status to published with the CNA, Replicated submitted the updated report on the same day, 23 January 2025.
Severity ?
4.9 (Medium)
CWE
- CWE-922 - Insecure Storage of Sensitive Information
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Replicated | Replicated Classic |
Affected:
2.53.0 , < 2.53.1
(semver)
|
{
"containers": {
"adp": [
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2021-42718",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-01-24T14:21:12.223233Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-922",
"description": "CWE-922 Insecure Storage of Sensitive Information",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-01-24T14:22:16.478Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Replicated Classic",
"vendor": "Replicated",
"versions": [
{
"lessThan": "2.53.1",
"status": "affected",
"version": "2.53.0",
"versionType": "semver"
}
]
}
],
"datePublic": "2021-10-21T21:23:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Information Disclosure in API in Replicated Replicated Classic versions prior to 2.53.1 on all platforms allows authenticated users with Admin Console access to retrieve sensitive data, including application secrets, via accessing container definitions with environment variables through the Admin Console API on port 8800.\u003cbr\u003e\u003cbr\u003e\u003cp\u003eThis CVE was originally reserved in 2021 and later publicly disclosed by Replicated on their website on 21 October 2021. However, it mistakenly remained in the Reserved But Public (RBP) status with the CVE Numbering Authority (CNA). Please note that this product reached its end of life on 31 December 2024. Publishing this CVE with the CNA was required to comply with CNA rules, despite the fact that the issue was disclosed and fixed four years ago, and the affected product is no longer supported as of 2024.\u003c/p\u003e\u003ch3\u003e\u003cstrong\u003eSummary of Vulnerability\u003c/strong\u003e\u003c/h3\u003e\u003cp\u003eThis advisory discloses a low severity security vulnerability in the versions of Replicated Classic listed above (\u201cAffected Replicated Classic Versions\u201d)\u003c/p\u003e\u003ch3\u003e\u003cstrong\u003eDescription\u003c/strong\u003e\u003c/h3\u003e\u003cp\u003eReplicated Classic versions prior to 2.53.1 have an authenticated API from the Replicated Admin Console that may expose sensitive data including application secrets, depending on how the application manifests are written. A user with valid credentials and access to the Admin Console port (8800) on the Replicated Classic server can retrieve container definitions including environment variables which may contain passwords and other secrets depending on how the application is configured.\u003c/p\u003e\u003cp\u003eThis data is shared over authenticated sessions to the Admin Console only, and was never displayed or used in the application processing. To remediate this issue, we removed the sensitive data from the API, sending only the data to the Admin Console that was needed.\u003c/p\u003e\u003ch3\u003eTimeline\u003c/h3\u003e\u003cp\u003eThis issue was discovered during a security review on 16 September 2021.\u003cbr\u003ePatched versions were released on 23 September 2021.\u003cbr\u003eThis advisory was published on 21 October 2021.\u003cbr\u003e\u003c/p\u003e\u003cp\u003eThe CVE Numbering Authority (CNA) notified Replicated on 23 January 2025 that the CVE was still in Reserved But Public (RBP) status. Upon discovering the oversight in updating the status to published with the CNA, Replicated submitted the updated report on the same day, 23 January 2025.\u003c/p\u003e\u003cbr\u003e\u003cbr\u003e\u003cp\u003e\u003c/p\u003e\u003cbr\u003e\u003cbr\u003e\u003cbr\u003e"
}
],
"value": "Information Disclosure in API in Replicated Replicated Classic versions prior to 2.53.1 on all platforms allows authenticated users with Admin Console access to retrieve sensitive data, including application secrets, via accessing container definitions with environment variables through the Admin Console API on port 8800.\n\nThis CVE was originally reserved in 2021 and later publicly disclosed by Replicated on their website on 21 October 2021. However, it mistakenly remained in the Reserved But Public (RBP) status with the CVE Numbering Authority (CNA). Please note that this product reached its end of life on 31 December 2024. Publishing this CVE with the CNA was required to comply with CNA rules, despite the fact that the issue was disclosed and fixed four years ago, and the affected product is no longer supported as of 2024.\n\nSummary of VulnerabilityThis advisory discloses a low severity security vulnerability in the versions of Replicated Classic listed above (\u201cAffected Replicated Classic Versions\u201d)\n\nDescriptionReplicated Classic versions prior to 2.53.1 have an authenticated API from the Replicated Admin Console that may expose sensitive data including application secrets, depending on how the application manifests are written. A user with valid credentials and access to the Admin Console port (8800) on the Replicated Classic server can retrieve container definitions including environment variables which may contain passwords and other secrets depending on how the application is configured.\n\nThis data is shared over authenticated sessions to the Admin Console only, and was never displayed or used in the application processing. To remediate this issue, we removed the sensitive data from the API, sending only the data to the Admin Console that was needed.\n\nTimelineThis issue was discovered during a security review on 16 September 2021.\nPatched versions were released on 23 September 2021.\nThis advisory was published on 21 October 2021.\n\n\nThe CVE Numbering Authority (CNA) notified Replicated on 23 January 2025 that the CVE was still in Reserved But Public (RBP) status. Upon discovering the oversight in updating the status to published with the CNA, Replicated submitted the updated report on the same day, 23 January 2025."
}
],
"providerMetadata": {
"dateUpdated": "2025-01-23T22:45:37.185Z",
"orgId": "7d06583b-61c8-4499-8067-80a92a3b48e1",
"shortName": "Replicated"
},
"references": [
{
"url": "https://www.replicated.com/cve-2021-42718"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Sensitive data unnecessarily returned from authenticated API",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "7d06583b-61c8-4499-8067-80a92a3b48e1",
"assignerShortName": "Replicated",
"cveId": "CVE-2021-42718",
"datePublished": "2025-01-23T22:45:37.185Z",
"dateReserved": "2021-10-19T19:53:23.135Z",
"dateUpdated": "2025-01-24T14:22:16.478Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-43058 (GCVE-0-2021-43058)
Vulnerability from cvelistv5 – Published: 2021-11-01 21:03 – Updated: 2024-08-04 03:47
VLAI?
Summary
An open redirect vulnerability exists in Replicated Classic versions prior to 2.53.1 that could lead to spoofing. To exploit this vulnerability, an attacker could send a link that has a specially crafted URL and convince the user to click the link, redirecting the user to an untrusted site.
Severity ?
No CVSS data available.
CWE
- URL redirection to untrusted site (“Open Redirect”).
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | REPLICATED CLASSIC |
Affected:
All versions prior to 2.53.1
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T03:47:13.253Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.replicated.com/security/advisories/CVE-2021-43058"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "REPLICATED CLASSIC",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "All versions prior to 2.53.1"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "An open redirect vulnerability exists in Replicated Classic versions prior to 2.53.1 that could lead to spoofing. To exploit this vulnerability, an attacker could send a link that has a specially crafted URL and convince the user to click the link, redirecting the user to an untrusted site."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "URL redirection to untrusted site (\u201cOpen Redirect\u201d).",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-11-01T21:03:18",
"orgId": "7d06583b-61c8-4499-8067-80a92a3b48e1",
"shortName": "Replicated"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.replicated.com/security/advisories/CVE-2021-43058"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@replicated.com",
"ID": "CVE-2021-43058",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "REPLICATED CLASSIC",
"version": {
"version_data": [
{
"version_value": "All versions prior to 2.53.1"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An open redirect vulnerability exists in Replicated Classic versions prior to 2.53.1 that could lead to spoofing. To exploit this vulnerability, an attacker could send a link that has a specially crafted URL and convince the user to click the link, redirecting the user to an untrusted site."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "URL redirection to untrusted site (\u201cOpen Redirect\u201d)."
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.replicated.com/security/advisories/CVE-2021-43058",
"refsource": "MISC",
"url": "https://www.replicated.com/security/advisories/CVE-2021-43058"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "7d06583b-61c8-4499-8067-80a92a3b48e1",
"assignerShortName": "Replicated",
"cveId": "CVE-2021-43058",
"datePublished": "2021-11-01T21:03:18",
"dateReserved": "2021-10-28T00:00:00",
"dateUpdated": "2024-08-04T03:47:13.253Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}