Vulnerability-Lookup

CVE-2021-39240 (GCVE-0-2021-39240)

Vulnerability from cvelistv5 – Published: 2021-08-17 18:33 – Updated: 2024-08-04 02:06

Summary

An issue was discovered in HAProxy 2.2 before 2.2.16, 2.3 before 2.3.13, and 2.4 before 2.4.3. It does not ensure that the scheme and path portions of a URI have the expected characters. For example, the authority field (as observed on a target HTTP/2 server) might differ from what the routing rules were intended to achieve.

Severity

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

CWE

Assigner

mitre

References

6 references

URL	Tags
https://www.mail-archive.com/haproxy%40formilux.o…	x_refsource_MISC
https://git.haproxy.org/?p=haproxy.git%3Ba=commit…	x_refsource_MISC
https://git.haproxy.org/?p=haproxy.git%3Ba=commit…	x_refsource_MISC
https://www.debian.org/security/2021/dsa-4960	vendor-advisoryx_refsource_DEBIAN
https://lists.fedoraproject.org/archives/list/pac…	vendor-advisoryx_refsource_FEDORA
https://lists.fedoraproject.org/archives/list/pac…	vendor-advisoryx_refsource_FEDORA

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T02:06:40.823Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://www.mail-archive.com/haproxy%40formilux.org/msg41041.html"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://git.haproxy.org/?p=haproxy.git%3Ba=commit%3Bh=a495e0d94876c9d39763db319f609351907a31e8"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://git.haproxy.org/?p=haproxy.git%3Ba=commit%3Bh=4b8852c70d8c4b7e225e24eb58258a15eb54c26e"
          },
          {
            "name": "DSA-4960",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "https://www.debian.org/security/2021/dsa-4960"
          },
          {
            "name": "FEDORA-2021-e6557245e8",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RPNY4WZIQUAUOCLIMUPC37AQWNXTWIQM/"
          },
          {
            "name": "FEDORA-2021-3ab4512c98",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4ALECUZDIMT5FYGP6V6PVSI4BKVZTZWN/"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "An issue was discovered in HAProxy 2.2 before 2.2.16, 2.3 before 2.3.13, and 2.4 before 2.4.3. It does not ensure that the scheme and path portions of a URI have the expected characters. For example, the authority field (as observed on a target HTTP/2 server) might differ from what the routing rules were intended to achieve."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2021-08-26T23:06:19.000Z",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://www.mail-archive.com/haproxy%40formilux.org/msg41041.html"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://git.haproxy.org/?p=haproxy.git%3Ba=commit%3Bh=a495e0d94876c9d39763db319f609351907a31e8"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://git.haproxy.org/?p=haproxy.git%3Ba=commit%3Bh=4b8852c70d8c4b7e225e24eb58258a15eb54c26e"
        },
        {
          "name": "DSA-4960",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "https://www.debian.org/security/2021/dsa-4960"
        },
        {
          "name": "FEDORA-2021-e6557245e8",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RPNY4WZIQUAUOCLIMUPC37AQWNXTWIQM/"
        },
        {
          "name": "FEDORA-2021-3ab4512c98",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4ALECUZDIMT5FYGP6V6PVSI4BKVZTZWN/"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2021-39240",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "An issue was discovered in HAProxy 2.2 before 2.2.16, 2.3 before 2.3.13, and 2.4 before 2.4.3. It does not ensure that the scheme and path portions of a URI have the expected characters. For example, the authority field (as observed on a target HTTP/2 server) might differ from what the routing rules were intended to achieve."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://www.mail-archive.com/haproxy@formilux.org/msg41041.html",
              "refsource": "MISC",
              "url": "https://www.mail-archive.com/haproxy@formilux.org/msg41041.html"
            },
            {
              "name": "https://git.haproxy.org/?p=haproxy.git;a=commit;h=a495e0d94876c9d39763db319f609351907a31e8",
              "refsource": "MISC",
              "url": "https://git.haproxy.org/?p=haproxy.git;a=commit;h=a495e0d94876c9d39763db319f609351907a31e8"
            },
            {
              "name": "https://git.haproxy.org/?p=haproxy.git;a=commit;h=4b8852c70d8c4b7e225e24eb58258a15eb54c26e",
              "refsource": "MISC",
              "url": "https://git.haproxy.org/?p=haproxy.git;a=commit;h=4b8852c70d8c4b7e225e24eb58258a15eb54c26e"
            },
            {
              "name": "DSA-4960",
              "refsource": "DEBIAN",
              "url": "https://www.debian.org/security/2021/dsa-4960"
            },
            {
              "name": "FEDORA-2021-e6557245e8",
              "refsource": "FEDORA",
              "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RPNY4WZIQUAUOCLIMUPC37AQWNXTWIQM/"
            },
            {
              "name": "FEDORA-2021-3ab4512c98",
              "refsource": "FEDORA",
              "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4ALECUZDIMT5FYGP6V6PVSI4BKVZTZWN/"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2021-39240",
    "datePublished": "2021-08-17T18:33:25.000Z",
    "dateReserved": "2021-08-17T00:00:00.000Z",
    "dateUpdated": "2024-08-04T02:06:40.823Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "epss": {
      "cve": "CVE-2021-39240",
      "date": "2026-06-09",
      "epss": "0.00066",
      "percentile": "0.20452"
    },
    "fkie_nvd": {
      "configurations": "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:haproxy:haproxy:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"2.2.0\", \"versionEndExcluding\": \"2.2.16\", \"matchCriteriaId\": \"B8A35038-8767-48F3-B81F-81FCD0B31D32\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:haproxy:haproxy:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"2.3.0\", \"versionEndExcluding\": \"2.3.13\", \"matchCriteriaId\": \"040439D6-C0FC-4550-884E-1B3FB396A5DF\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:haproxy:haproxy:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"2.4.0\", \"versionEndExcluding\": \"2.4.3\", \"matchCriteriaId\": \"88FF602C-41E1-4569-B09B-161BB7C85891\"}]}]}, {\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"FA6FEEC2-9F11-4643-8827-749718254FED\"}]}]}, {\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:fedoraproject:fedora:33:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"E460AA51-FCDA-46B9-AE97-E6676AA5E194\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:fedoraproject:fedora:34:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"A930E247-0B43-43CB-98FF-6CE7B8189835\"}]}]}]",
      "descriptions": "[{\"lang\": \"en\", \"value\": \"An issue was discovered in HAProxy 2.2 before 2.2.16, 2.3 before 2.3.13, and 2.4 before 2.4.3. It does not ensure that the scheme and path portions of a URI have the expected characters. For example, the authority field (as observed on a target HTTP/2 server) might differ from what the routing rules were intended to achieve.\"}, {\"lang\": \"es\", \"value\": \"Se ha detectado un problema en HAProxy versiones 2.2 anteriores a 2.2.16, versiones 2.3 anteriores a 2.3.13 y versiones 2.4 anteriores a 2.4.3. No se asegura que las porciones de esquema y ruta de un URI tengan los caracteres esperados. Por ejemplo, el campo authority (como es observado en un servidor HTTP/2 de destino) podr\\u00eda diferir de lo que las reglas de enrutamiento pretend\\u00edan lograr.\"}]",
      "id": "CVE-2021-39240",
      "lastModified": "2024-11-21T06:18:59.460",
      "metrics": "{\"cvssMetricV31\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N\", \"baseScore\": 7.5, \"baseSeverity\": \"HIGH\", \"attackVector\": \"NETWORK\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"NONE\", \"userInteraction\": \"NONE\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"HIGH\", \"integrityImpact\": \"NONE\", \"availabilityImpact\": \"NONE\"}, \"exploitabilityScore\": 3.9, \"impactScore\": 3.6}], \"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:N/AC:L/Au:N/C:P/I:N/A:N\", \"baseScore\": 5.0, \"accessVector\": \"NETWORK\", \"accessComplexity\": \"LOW\", \"authentication\": \"NONE\", \"confidentialityImpact\": \"PARTIAL\", \"integrityImpact\": \"NONE\", \"availabilityImpact\": \"NONE\"}, \"baseSeverity\": \"MEDIUM\", \"exploitabilityScore\": 10.0, \"impactScore\": 2.9, \"acInsufInfo\": false, \"obtainAllPrivilege\": false, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": false}]}",
      "published": "2021-08-17T19:15:08.247",
      "references": "[{\"url\": \"https://git.haproxy.org/?p=haproxy.git%3Ba=commit%3Bh=4b8852c70d8c4b7e225e24eb58258a15eb54c26e\", \"source\": \"cve@mitre.org\"}, {\"url\": \"https://git.haproxy.org/?p=haproxy.git%3Ba=commit%3Bh=a495e0d94876c9d39763db319f609351907a31e8\", \"source\": \"cve@mitre.org\"}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4ALECUZDIMT5FYGP6V6PVSI4BKVZTZWN/\", \"source\": \"cve@mitre.org\"}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RPNY4WZIQUAUOCLIMUPC37AQWNXTWIQM/\", \"source\": \"cve@mitre.org\"}, {\"url\": \"https://www.debian.org/security/2021/dsa-4960\", \"source\": \"cve@mitre.org\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://www.mail-archive.com/haproxy%40formilux.org/msg41041.html\", \"source\": \"cve@mitre.org\"}, {\"url\": \"https://git.haproxy.org/?p=haproxy.git%3Ba=commit%3Bh=4b8852c70d8c4b7e225e24eb58258a15eb54c26e\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://git.haproxy.org/?p=haproxy.git%3Ba=commit%3Bh=a495e0d94876c9d39763db319f609351907a31e8\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4ALECUZDIMT5FYGP6V6PVSI4BKVZTZWN/\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RPNY4WZIQUAUOCLIMUPC37AQWNXTWIQM/\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://www.debian.org/security/2021/dsa-4960\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://www.mail-archive.com/haproxy%40formilux.org/msg41041.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}]",
      "sourceIdentifier": "cve@mitre.org",
      "vulnStatus": "Modified",
      "weaknesses": "[{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"NVD-CWE-noinfo\"}]}]"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2021-39240\",\"sourceIdentifier\":\"cve@mitre.org\",\"published\":\"2021-08-17T19:15:08.247\",\"lastModified\":\"2024-11-21T06:18:59.460\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"An issue was discovered in HAProxy 2.2 before 2.2.16, 2.3 before 2.3.13, and 2.4 before 2.4.3. It does not ensure that the scheme and path portions of a URI have the expected characters. For example, the authority field (as observed on a target HTTP/2 server) might differ from what the routing rules were intended to achieve.\"},{\"lang\":\"es\",\"value\":\"Se ha detectado un problema en HAProxy versiones 2.2 anteriores a 2.2.16, versiones 2.3 anteriores a 2.3.13 y versiones 2.4 anteriores a 2.4.3. No se asegura que las porciones de esquema y ruta de un URI tengan los caracteres esperados. Por ejemplo, el campo authority (como es observado en un servidor HTTP/2 de destino) podr\u00eda diferir de lo que las reglas de enrutamiento pretend\u00edan lograr.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N\",\"baseScore\":7.5,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"NONE\"},\"exploitabilityScore\":3.9,\"impactScore\":3.6}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:L/Au:N/C:P/I:N/A:N\",\"baseScore\":5.0,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"PARTIAL\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"NONE\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":10.0,\"impactScore\":2.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"NVD-CWE-noinfo\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:haproxy:haproxy:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"2.2.0\",\"versionEndExcluding\":\"2.2.16\",\"matchCriteriaId\":\"B8A35038-8767-48F3-B81F-81FCD0B31D32\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:haproxy:haproxy:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"2.3.0\",\"versionEndExcluding\":\"2.3.13\",\"matchCriteriaId\":\"040439D6-C0FC-4550-884E-1B3FB396A5DF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:haproxy:haproxy:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"2.4.0\",\"versionEndExcluding\":\"2.4.3\",\"matchCriteriaId\":\"88FF602C-41E1-4569-B09B-161BB7C85891\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"FA6FEEC2-9F11-4643-8827-749718254FED\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:fedoraproject:fedora:33:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E460AA51-FCDA-46B9-AE97-E6676AA5E194\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:fedoraproject:fedora:34:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A930E247-0B43-43CB-98FF-6CE7B8189835\"}]}]}],\"references\":[{\"url\":\"https://git.haproxy.org/?p=haproxy.git%3Ba=commit%3Bh=4b8852c70d8c4b7e225e24eb58258a15eb54c26e\",\"source\":\"cve@mitre.org\"},{\"url\":\"https://git.haproxy.org/?p=haproxy.git%3Ba=commit%3Bh=a495e0d94876c9d39763db319f609351907a31e8\",\"source\":\"cve@mitre.org\"},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4ALECUZDIMT5FYGP6V6PVSI4BKVZTZWN/\",\"source\":\"cve@mitre.org\"},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RPNY4WZIQUAUOCLIMUPC37AQWNXTWIQM/\",\"source\":\"cve@mitre.org\"},{\"url\":\"https://www.debian.org/security/2021/dsa-4960\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.mail-archive.com/haproxy%40formilux.org/msg41041.html\",\"source\":\"cve@mitre.org\"},{\"url\":\"https://git.haproxy.org/?p=haproxy.git%3Ba=commit%3Bh=4b8852c70d8c4b7e225e24eb58258a15eb54c26e\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://git.haproxy.org/?p=haproxy.git%3Ba=commit%3Bh=a495e0d94876c9d39763db319f609351907a31e8\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4ALECUZDIMT5FYGP6V6PVSI4BKVZTZWN/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RPNY4WZIQUAUOCLIMUPC37AQWNXTWIQM/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://www.debian.org/security/2021/dsa-4960\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.mail-archive.com/haproxy%40formilux.org/msg41041.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"}]}}"
  }
}

WID-SEC-W-2023-2456

Vulnerability from csaf_certbund - Published: 2021-11-10 23:00 - Updated: 2023-09-27 22:00

Summary

Red Hat OpenShift: Mehrere Schwachstellen

Severity

Mittel

Notes

Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.

Produktbeschreibung: Red Hat OpenShift ist eine "Platform as a Service" (PaaS) Lösung zur Bereitstellung von Applikationen in der Cloud.

Angriff: Ein entfernter, anonymer Angreifer kann mehrere Schwachstellen in Red Hat OpenShift ausnutzen, um Dateien zu manipulieren oder Informationen offenzulegen.

Betroffene Betriebssysteme: - Linux

CVE-2021-39240

In Red Hat OpenShift existieren mehrere Schwachstellen. Die Schwachstellen bestehen in der Komponente "haproxy" und sind auf Fehler bei der Verarbeitung von HTTP-Anfragen, HTTP-Request-Smuggling sowie Fehler bei einer Eingabevalidierung zurückzuführen. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um Dateien zu manipulieren oder Informationen offenzulegen.

Affected products

Known affected 2 products

Product	Identifier	Version	Remediation
Red Hat Enterprise Linux Red Hat	`cpe:/o:redhat:enterprise_linux:-`	—
Amazon Linux 2 Amazon	`cpe:/o:amazon:linux_2:-`	—

CVE-2021-39241

Affected products

Known affected 2 products

Product	Identifier	Version	Remediation
Red Hat Enterprise Linux Red Hat	`cpe:/o:redhat:enterprise_linux:-`	—
Amazon Linux 2 Amazon	`cpe:/o:amazon:linux_2:-`	—

CVE-2021-39242

Affected products

Known affected 2 products

Product	Identifier	Version	Remediation
Red Hat Enterprise Linux Red Hat	`cpe:/o:redhat:enterprise_linux:-`	—
Amazon Linux 2 Amazon	`cpe:/o:amazon:linux_2:-`	—

CVE-2021-40346

Affected products

Known affected 2 products

Product	Identifier	Version	Remediation
Red Hat Enterprise Linux Red Hat	`cpe:/o:redhat:enterprise_linux:-`	—
Amazon Linux 2 Amazon	`cpe:/o:amazon:linux_2:-`	—

References

10 references

URL	Category
https://wid.cert-bund.de/.well-known/csaf/white/2…	self
https://wid.cert-bund.de/portal/wid/securityadvis…	self
https://alas.aws.amazon.com/AL2/ALASHAPROXY2-2023…	external
https://access.redhat.com/errata/RHSA-2021:4118	external
https://access.redhat.com/errata/RHSA-2021:5002	external
https://access.redhat.com/errata/RHSA-2021:5208	external
https://access.redhat.com/errata/RHSA-2022:0026	external
https://access.redhat.com/errata/RHSA-2022:0024	external
https://access.redhat.com/errata/RHSA-2022:0114	external
https://access.redhat.com/errata/RHSA-2022:0856	external

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "text": "mittel"
    },
    "category": "csaf_base",
    "csaf_version": "2.0",
    "distribution": {
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "de-DE",
    "notes": [
      {
        "category": "legal_disclaimer",
        "text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
      },
      {
        "category": "description",
        "text": "Red Hat OpenShift ist eine \"Platform as a Service\" (PaaS) L\u00f6sung zur Bereitstellung von Applikationen in der Cloud.",
        "title": "Produktbeschreibung"
      },
      {
        "category": "summary",
        "text": "Ein entfernter, anonymer Angreifer kann mehrere Schwachstellen in Red Hat OpenShift ausnutzen, um Dateien zu manipulieren oder Informationen offenzulegen.",
        "title": "Angriff"
      },
      {
        "category": "general",
        "text": "- Linux",
        "title": "Betroffene Betriebssysteme"
      }
    ],
    "publisher": {
      "category": "other",
      "contact_details": "csaf-provider@cert-bund.de",
      "name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
      "namespace": "https://www.bsi.bund.de"
    },
    "references": [
      {
        "category": "self",
        "summary": "WID-SEC-W-2023-2456 - CSAF Version",
        "url": "https://wid.cert-bund.de/.well-known/csaf/white/2021/wid-sec-w-2023-2456.json"
      },
      {
        "category": "self",
        "summary": "WID-SEC-2023-2456 - Portal Version",
        "url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2023-2456"
      },
      {
        "category": "external",
        "summary": "Amazon Linux Security Advisory ALASHAPROXY2-2023-005 vom 2023-09-27",
        "url": "https://alas.aws.amazon.com/AL2/ALASHAPROXY2-2023-005.html"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2021:4118 vom 2021-11-10",
        "url": "https://access.redhat.com/errata/RHSA-2021:4118"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2021:5002 vom 2021-12-13",
        "url": "https://access.redhat.com/errata/RHSA-2021:5002"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2021:5208 vom 2022-01-05",
        "url": "https://access.redhat.com/errata/RHSA-2021:5208"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2022:0026 vom 2022-01-13",
        "url": "https://access.redhat.com/errata/RHSA-2022:0026"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2022:0024 vom 2022-01-13",
        "url": "https://access.redhat.com/errata/RHSA-2022:0024"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2022:0114 vom 2022-01-19",
        "url": "https://access.redhat.com/errata/RHSA-2022:0114"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2022:0856 vom 2022-03-14",
        "url": "https://access.redhat.com/errata/RHSA-2022:0856"
      }
    ],
    "source_lang": "en-US",
    "title": "Red Hat OpenShift: Mehrere Schwachstellen",
    "tracking": {
      "current_release_date": "2023-09-27T22:00:00.000+00:00",
      "generator": {
        "date": "2024-08-15T17:58:53.739+00:00",
        "engine": {
          "name": "BSI-WID",
          "version": "1.3.5"
        }
      },
      "id": "WID-SEC-W-2023-2456",
      "initial_release_date": "2021-11-10T23:00:00.000+00:00",
      "revision_history": [
        {
          "date": "2021-11-10T23:00:00.000+00:00",
          "number": "1",
          "summary": "Initiale Fassung"
        },
        {
          "date": "2021-12-13T23:00:00.000+00:00",
          "number": "2",
          "summary": "Neue Updates von Red Hat aufgenommen"
        },
        {
          "date": "2022-01-05T23:00:00.000+00:00",
          "number": "3",
          "summary": "Neue Updates von Red Hat aufgenommen"
        },
        {
          "date": "2022-01-12T23:00:00.000+00:00",
          "number": "4",
          "summary": "Neue Updates von Red Hat aufgenommen"
        },
        {
          "date": "2022-01-19T23:00:00.000+00:00",
          "number": "5",
          "summary": "Neue Updates von Red Hat aufgenommen"
        },
        {
          "date": "2022-03-14T23:00:00.000+00:00",
          "number": "6",
          "summary": "Neue Updates von Red Hat aufgenommen"
        },
        {
          "date": "2023-09-27T22:00:00.000+00:00",
          "number": "7",
          "summary": "Neue Updates von Amazon aufgenommen"
        }
      ],
      "status": "final",
      "version": "7"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "category": "product_name",
            "name": "Amazon Linux 2",
            "product": {
              "name": "Amazon Linux 2",
              "product_id": "398363",
              "product_identification_helper": {
                "cpe": "cpe:/o:amazon:linux_2:-"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "Amazon"
      },
      {
        "branches": [
          {
            "category": "product_name",
            "name": "Red Hat Enterprise Linux",
            "product": {
              "name": "Red Hat Enterprise Linux",
              "product_id": "67646",
              "product_identification_helper": {
                "cpe": "cpe:/o:redhat:enterprise_linux:-"
              }
            }
          },
          {
            "category": "product_name",
            "name": "Red Hat OpenShift \u003c 4.9.6",
            "product": {
              "name": "Red Hat OpenShift \u003c 4.9.6",
              "product_id": "T021006",
              "product_identification_helper": {
                "cpe": "cpe:/a:redhat:openshift:4.9.6"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "Red Hat"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2021-39240",
      "notes": [
        {
          "category": "description",
          "text": "In Red Hat OpenShift existieren mehrere Schwachstellen. Die Schwachstellen bestehen in der Komponente \"haproxy\" und sind auf Fehler bei der Verarbeitung von HTTP-Anfragen, HTTP-Request-Smuggling sowie Fehler bei einer Eingabevalidierung zur\u00fcckzuf\u00fchren. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um Dateien zu manipulieren oder Informationen offenzulegen."
        }
      ],
      "product_status": {
        "known_affected": [
          "67646",
          "398363"
        ]
      },
      "release_date": "2021-11-10T23:00:00.000+00:00",
      "title": "CVE-2021-39240"
    },
    {
      "cve": "CVE-2021-39241",
      "notes": [
        {
          "category": "description",
          "text": "In Red Hat OpenShift existieren mehrere Schwachstellen. Die Schwachstellen bestehen in der Komponente \"haproxy\" und sind auf Fehler bei der Verarbeitung von HTTP-Anfragen, HTTP-Request-Smuggling sowie Fehler bei einer Eingabevalidierung zur\u00fcckzuf\u00fchren. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um Dateien zu manipulieren oder Informationen offenzulegen."
        }
      ],
      "product_status": {
        "known_affected": [
          "67646",
          "398363"
        ]
      },
      "release_date": "2021-11-10T23:00:00.000+00:00",
      "title": "CVE-2021-39241"
    },
    {
      "cve": "CVE-2021-39242",
      "notes": [
        {
          "category": "description",
          "text": "In Red Hat OpenShift existieren mehrere Schwachstellen. Die Schwachstellen bestehen in der Komponente \"haproxy\" und sind auf Fehler bei der Verarbeitung von HTTP-Anfragen, HTTP-Request-Smuggling sowie Fehler bei einer Eingabevalidierung zur\u00fcckzuf\u00fchren. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um Dateien zu manipulieren oder Informationen offenzulegen."
        }
      ],
      "product_status": {
        "known_affected": [
          "67646",
          "398363"
        ]
      },
      "release_date": "2021-11-10T23:00:00.000+00:00",
      "title": "CVE-2021-39242"
    },
    {
      "cve": "CVE-2021-40346",
      "notes": [
        {
          "category": "description",
          "text": "In Red Hat OpenShift existieren mehrere Schwachstellen. Die Schwachstellen bestehen in der Komponente \"haproxy\" und sind auf Fehler bei der Verarbeitung von HTTP-Anfragen, HTTP-Request-Smuggling sowie Fehler bei einer Eingabevalidierung zur\u00fcckzuf\u00fchren. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um Dateien zu manipulieren oder Informationen offenzulegen."
        }
      ],
      "product_status": {
        "known_affected": [
          "67646",
          "398363"
        ]
      },
      "release_date": "2021-11-10T23:00:00.000+00:00",
      "title": "CVE-2021-40346"
    }
  ]
}

Sightings

Author	Source	Type	Date	Other

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2021-39240 (GCVE-0-2021-39240)

WID-SEC-W-2023-2456

Tags

Sightings

Nomenclature