Vulnerabilites related to Apache Software Foundation - Apache APISIX Dashboard
cve-2021-33190
Vulnerability from cvelistv5
Published
2021-06-08 15:05
Modified
2024-08-03 23:42
Severity ?
EPSS score ?
Summary
In Apache APISIX Dashboard version 2.6, we changed the default value of listen host to 0.0.0.0 in order to facilitate users to configure external network access. In the IP allowed list restriction, a risky function was used for the IP acquisition, which made it possible to bypass the network limit. At the same time, the default account and password are fixed.Ultimately these factors lead to the issue of security risks. This issue is fixed in APISIX Dashboard 2.6.1
References
| ▼ | URL | Tags |
|---|---|---|
| https://lists.apache.org/thread.html/re736aea55e8fd2478f0739c0c38a9375c4204fc1f0bd1ea687f57049%40%3Cdev.apisix.apache.org%3E | x_refsource_MISC | |
| https://lists.apache.org/thread.html/re736aea55e8fd2478f0739c0c38a9375c4204fc1f0bd1ea687f57049%40%3Cdev.apisix.apache.org%3E | mailing-list, x_refsource_MLIST | |
| http://www.openwall.com/lists/oss-security/2021/06/08/4 | mailing-list, x_refsource_MLIST |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | Apache Software Foundation | Apache APISIX Dashboard |
Version: Apache APISIX Dashboard 2.6 2.6 |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T23:42:20.273Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/re736aea55e8fd2478f0739c0c38a9375c4204fc1f0bd1ea687f57049%40%3Cdev.apisix.apache.org%3E"
},
{
"name": "[apisix-dev] 20210608 CVE-2021-33190: Apache APISIX Dashboard: Bypass network access control",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/re736aea55e8fd2478f0739c0c38a9375c4204fc1f0bd1ea687f57049%40%3Cdev.apisix.apache.org%3E"
},
{
"name": "[oss-security] 20210608 CVE-2021-33190: Apache APISIX Dashboard: Bypass network access control",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2021/06/08/4"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Apache APISIX Dashboard",
"vendor": "Apache Software Foundation",
"versions": [
{
"status": "affected",
"version": "Apache APISIX Dashboard 2.6 2.6"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In Apache APISIX Dashboard version 2.6, we changed the default value of listen host to 0.0.0.0 in order to facilitate users to configure external network access. In the IP allowed list restriction, a risky function was used for the IP acquisition, which made it possible to bypass the network limit. At the same time, the default account and password are fixed.Ultimately these factors lead to the issue of security risks. This issue is fixed in APISIX Dashboard 2.6.1"
}
],
"metrics": [
{
"other": {
"content": {
"other": "important"
},
"type": "unknown"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-307",
"description": "CWE-307 Improper Restriction of Excessive Authentication Attempts",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-06-08T17:06:25",
"orgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
"shortName": "apache"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://lists.apache.org/thread.html/re736aea55e8fd2478f0739c0c38a9375c4204fc1f0bd1ea687f57049%40%3Cdev.apisix.apache.org%3E"
},
{
"name": "[apisix-dev] 20210608 CVE-2021-33190: Apache APISIX Dashboard: Bypass network access control",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/re736aea55e8fd2478f0739c0c38a9375c4204fc1f0bd1ea687f57049%40%3Cdev.apisix.apache.org%3E"
},
{
"name": "[oss-security] 20210608 CVE-2021-33190: Apache APISIX Dashboard: Bypass network access control",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2021/06/08/4"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Bypass network access control",
"workarounds": [
{
"lang": "en",
"value": "1. Change the account password after installation, do not use the default password.\n2. Upgrade to 2.6.1 or newer.\n\n"
}
],
"x_generator": {
"engine": "Vulnogram 0.0.9"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@apache.org",
"ID": "CVE-2021-33190",
"STATE": "PUBLIC",
"TITLE": "Bypass network access control"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Apache APISIX Dashboard",
"version": {
"version_data": [
{
"version_affected": "=",
"version_name": "Apache APISIX Dashboard 2.6",
"version_value": "2.6"
}
]
}
}
]
},
"vendor_name": "Apache Software Foundation"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "In Apache APISIX Dashboard version 2.6, we changed the default value of listen host to 0.0.0.0 in order to facilitate users to configure external network access. In the IP allowed list restriction, a risky function was used for the IP acquisition, which made it possible to bypass the network limit. At the same time, the default account and password are fixed.Ultimately these factors lead to the issue of security risks. This issue is fixed in APISIX Dashboard 2.6.1"
}
]
},
"generator": {
"engine": "Vulnogram 0.0.9"
},
"impact": [
{
"other": "important"
}
],
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-307 Improper Restriction of Excessive Authentication Attempts"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://lists.apache.org/thread.html/re736aea55e8fd2478f0739c0c38a9375c4204fc1f0bd1ea687f57049%40%3Cdev.apisix.apache.org%3E",
"refsource": "MISC",
"url": "https://lists.apache.org/thread.html/re736aea55e8fd2478f0739c0c38a9375c4204fc1f0bd1ea687f57049%40%3Cdev.apisix.apache.org%3E"
},
{
"name": "[apisix-dev] 20210608 CVE-2021-33190: Apache APISIX Dashboard: Bypass network access control",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/re736aea55e8fd2478f0739c0c38a9375c4204fc1f0bd1ea687f57049@%3Cdev.apisix.apache.org%3E"
},
{
"name": "[oss-security] 20210608 CVE-2021-33190: Apache APISIX Dashboard: Bypass network access control",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2021/06/08/4"
}
]
},
"source": {
"discovery": "UNKNOWN"
},
"work_around": [
{
"lang": "en",
"value": "1. Change the account password after installation, do not use the default password.\n2. Upgrade to 2.6.1 or newer.\n\n"
}
]
}
}
},
"cveMetadata": {
"assignerOrgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
"assignerShortName": "apache",
"cveId": "CVE-2021-33190",
"datePublished": "2021-06-08T15:05:11",
"dateReserved": "2021-05-19T00:00:00",
"dateUpdated": "2024-08-03T23:42:20.273Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2021-45232
Vulnerability from cvelistv5
Published
2021-12-27 15:06
Modified
2024-08-04 04:39
Severity ?
EPSS score ?
Summary
In Apache APISIX Dashboard before 2.10.1, the Manager API uses two frameworks and introduces framework `droplet` on the basis of framework `gin`, all APIs and authentication middleware are developed based on framework `droplet`, but some API directly use the interface of framework `gin` thus bypassing the authentication.
References
| ▼ | URL | Tags |
|---|---|---|
| https://lists.apache.org/thread/979qbl6vlm8269fopfyygnxofgqyn6k5 | x_refsource_MISC | |
| http://www.openwall.com/lists/oss-security/2021/12/27/1 | mailing-list, x_refsource_MLIST |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | Apache Software Foundation | Apache APISIX Dashboard |
Version: 2.7 and 2.7.1 Version: 2.8 Version: 2.9 Version: 2.10 |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T04:39:20.275Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://lists.apache.org/thread/979qbl6vlm8269fopfyygnxofgqyn6k5"
},
{
"name": "[oss-security] 20211227 CVE-2021-45232: Apache APISIX Dashboard: security vulnerability on unauthorized access",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2021/12/27/1"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Apache APISIX Dashboard",
"vendor": "Apache Software Foundation",
"versions": [
{
"status": "affected",
"version": "2.7 and 2.7.1"
},
{
"status": "affected",
"version": "2.8"
},
{
"status": "affected",
"version": "2.9"
},
{
"status": "affected",
"version": "2.10"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Independently discovered by ZHU Yucheng of YuanbaoTeach Security Team."
}
],
"descriptions": [
{
"lang": "en",
"value": "In Apache APISIX Dashboard before 2.10.1, the Manager API uses two frameworks and introduces framework `droplet` on the basis of framework `gin`, all APIs and authentication middleware are developed based on framework `droplet`, but some API directly use the interface of framework `gin` thus bypassing the authentication."
}
],
"metrics": [
{
"other": {
"content": {
"other": "high"
},
"type": "unknown"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-306",
"description": "CWE-306 Missing Authentication for Critical Function",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-12-27T18:06:08",
"orgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
"shortName": "apache"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://lists.apache.org/thread/979qbl6vlm8269fopfyygnxofgqyn6k5"
},
{
"name": "[oss-security] 20211227 CVE-2021-45232: Apache APISIX Dashboard: security vulnerability on unauthorized access",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2021/12/27/1"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "security vulnerability on unauthorized access.",
"workarounds": [
{
"lang": "en",
"value": "Implement one of the following mitigation techniques:\n\n1. Upgrade to release 2.10.1\n\n2. Change the default username and password, restrict the source IP to access the Apache APISIX Dashboard"
}
],
"x_generator": {
"engine": "Vulnogram 0.0.9"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@apache.org",
"ID": "CVE-2021-45232",
"STATE": "PUBLIC",
"TITLE": "security vulnerability on unauthorized access."
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Apache APISIX Dashboard",
"version": {
"version_data": [
{
"version_affected": "=",
"version_name": "2.7",
"version_value": "2.7 and 2.7.1"
},
{
"version_affected": "=",
"version_name": "2.8",
"version_value": "2.8"
},
{
"version_affected": "=",
"version_name": "2.9",
"version_value": "2.9"
},
{
"version_affected": "=",
"version_name": "2.10",
"version_value": "2.10"
}
]
}
}
]
},
"vendor_name": "Apache Software Foundation"
}
]
}
},
"credit": [
{
"lang": "eng",
"value": "Independently discovered by ZHU Yucheng of YuanbaoTeach Security Team."
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "In Apache APISIX Dashboard before 2.10.1, the Manager API uses two frameworks and introduces framework `droplet` on the basis of framework `gin`, all APIs and authentication middleware are developed based on framework `droplet`, but some API directly use the interface of framework `gin` thus bypassing the authentication."
}
]
},
"generator": {
"engine": "Vulnogram 0.0.9"
},
"impact": [
{
"other": "high"
}
],
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-306 Missing Authentication for Critical Function"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://lists.apache.org/thread/979qbl6vlm8269fopfyygnxofgqyn6k5",
"refsource": "MISC",
"url": "https://lists.apache.org/thread/979qbl6vlm8269fopfyygnxofgqyn6k5"
},
{
"name": "[oss-security] 20211227 CVE-2021-45232: Apache APISIX Dashboard: security vulnerability on unauthorized access",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2021/12/27/1"
}
]
},
"source": {
"discovery": "UNKNOWN"
},
"work_around": [
{
"lang": "en",
"value": "Implement one of the following mitigation techniques:\n\n1. Upgrade to release 2.10.1\n\n2. Change the default username and password, restrict the source IP to access the Apache APISIX Dashboard"
}
]
}
}
},
"cveMetadata": {
"assignerOrgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
"assignerShortName": "apache",
"cveId": "CVE-2021-45232",
"datePublished": "2021-12-27T15:06:50",
"dateReserved": "2021-12-18T00:00:00",
"dateUpdated": "2024-08-04T04:39:20.275Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}