fkie_cve-2021-32813
Vulnerability from fkie_nvd
Published
2021-08-03 23:15
Modified
2024-11-21 06:07
Severity ?
4.8 (Medium) - CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N
8.1 (High) - CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
Summary
Traefik is an HTTP reverse proxy and load balancer. Prior to version 2.4.13, there exists a potential header vulnerability in Traefik's handling of the Connection header. Active exploitation of this issue is unlikely, as it requires that a removed header would lead to a privilege escalation, however, the Traefik team has addressed this issue to prevent any potential abuse. If one has a chain of Traefik middlewares, and one of them sets a request header, then sending a request with a certain Connection header will cause it to be removed before the request is sent. In this case, the backend does not see the request header. A patch is available in version 2.4.13. There are no known workarounds aside from upgrading.
References
security-advisories@github.comhttps://github.com/traefik/traefik/pull/8319/commits/cbaf86a93014a969b8accf39301932c17d0d73f9Patch, Third Party Advisory
security-advisories@github.comhttps://github.com/traefik/traefik/releases/tag/v2.4.13Third Party Advisory
security-advisories@github.comhttps://github.com/traefik/traefik/security/advisories/GHSA-m697-4v8f-55qgThird Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://github.com/traefik/traefik/pull/8319/commits/cbaf86a93014a969b8accf39301932c17d0d73f9Patch, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://github.com/traefik/traefik/releases/tag/v2.4.13Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://github.com/traefik/traefik/security/advisories/GHSA-m697-4v8f-55qgThird Party Advisory
Impacted products
Vendor Product Version
traefik traefik *


To clipboard 

{
   configurations: [
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:a:traefik:traefik:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "6AE4F485-8B9A-4136-928F-31D7072F71D0",
                     versionEndExcluding: "2.4.13",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
      },
   ],
   cveTags: [],
   descriptions: [
      {
         lang: "en",
         value: "Traefik is an HTTP reverse proxy and load balancer. Prior to version 2.4.13, there exists a potential header vulnerability in Traefik's handling of the Connection header. Active exploitation of this issue is unlikely, as it requires that a removed header would lead to a privilege escalation, however, the Traefik team has addressed this issue to prevent any potential abuse. If one has a chain of Traefik middlewares, and one of them sets a request header, then sending a request with a certain Connection header will cause it to be removed before the request is sent. In this case, the backend does not see the request header. A patch is available in version 2.4.13. There are no known workarounds aside from upgrading.",
      },
      {
         lang: "es",
         value: "Traefik es un proxy inverso HTTP y un equilibrador de carga. Anterior a versión 2.4.13, se presentaba una potencial vulnerabilidad de encabezado en el manejo del encabezado Connection de Traefik. Una explotación activa de este problema es poco probable, ya que requiere que un encabezado eliminado conllevaría a una escalada de privilegios, sin embargo, el equipo de Traefik ha abordado este problema para impedir cualquier abuso potencial. Si uno presenta una cadena de middlewares de Traefik, y uno de ellos establece un encabezado de petición, entonces el envío de una petición con una determinado encabezado de conexión causará que se elimine antes de que se envíe la petición. En este caso, el backend no visualiza la cabecera de petición. Se presenta un parche disponible en la versión 2.4.13. No hay soluciones conocidas aparte de la actualización",
      },
   ],
   id: "CVE-2021-32813",
   lastModified: "2024-11-21T06:07:48.107",
   metrics: {
      cvssMetricV2: [
         {
            acInsufInfo: false,
            baseSeverity: "MEDIUM",
            cvssData: {
               accessComplexity: "MEDIUM",
               accessVector: "NETWORK",
               authentication: "NONE",
               availabilityImpact: "PARTIAL",
               baseScore: 6.8,
               confidentialityImpact: "PARTIAL",
               integrityImpact: "PARTIAL",
               vectorString: "AV:N/AC:M/Au:N/C:P/I:P/A:P",
               version: "2.0",
            },
            exploitabilityScore: 8.6,
            impactScore: 6.4,
            obtainAllPrivilege: false,
            obtainOtherPrivilege: false,
            obtainUserPrivilege: false,
            source: "nvd@nist.gov",
            type: "Primary",
            userInteractionRequired: false,
         },
      ],
      cvssMetricV31: [
         {
            cvssData: {
               attackComplexity: "HIGH",
               attackVector: "NETWORK",
               availabilityImpact: "NONE",
               baseScore: 4.8,
               baseSeverity: "MEDIUM",
               confidentialityImpact: "LOW",
               integrityImpact: "LOW",
               privilegesRequired: "NONE",
               scope: "UNCHANGED",
               userInteraction: "NONE",
               vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N",
               version: "3.1",
            },
            exploitabilityScore: 2.2,
            impactScore: 2.5,
            source: "security-advisories@github.com",
            type: "Secondary",
         },
         {
            cvssData: {
               attackComplexity: "HIGH",
               attackVector: "NETWORK",
               availabilityImpact: "HIGH",
               baseScore: 8.1,
               baseSeverity: "HIGH",
               confidentialityImpact: "HIGH",
               integrityImpact: "HIGH",
               privilegesRequired: "NONE",
               scope: "UNCHANGED",
               userInteraction: "NONE",
               vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
               version: "3.1",
            },
            exploitabilityScore: 2.2,
            impactScore: 5.9,
            source: "nvd@nist.gov",
            type: "Primary",
         },
      ],
   },
   published: "2021-08-03T23:15:07.370",
   references: [
      {
         source: "security-advisories@github.com",
         tags: [
            "Patch",
            "Third Party Advisory",
         ],
         url: "https://github.com/traefik/traefik/pull/8319/commits/cbaf86a93014a969b8accf39301932c17d0d73f9",
      },
      {
         source: "security-advisories@github.com",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://github.com/traefik/traefik/releases/tag/v2.4.13",
      },
      {
         source: "security-advisories@github.com",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://github.com/traefik/traefik/security/advisories/GHSA-m697-4v8f-55qg",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Patch",
            "Third Party Advisory",
         ],
         url: "https://github.com/traefik/traefik/pull/8319/commits/cbaf86a93014a969b8accf39301932c17d0d73f9",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://github.com/traefik/traefik/releases/tag/v2.4.13",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://github.com/traefik/traefik/security/advisories/GHSA-m697-4v8f-55qg",
      },
   ],
   sourceIdentifier: "security-advisories@github.com",
   vulnStatus: "Modified",
   weaknesses: [
      {
         description: [
            {
               lang: "en",
               value: "CWE-913",
            },
         ],
         source: "security-advisories@github.com",
         type: "Secondary",
      },
      {
         description: [
            {
               lang: "en",
               value: "CWE-913",
            },
         ],
         source: "nvd@nist.gov",
         type: "Primary",
      },
   ],
}


Log in or create an account to share your comment.

Security Advisory comment format.

This schema specifies the format of a comment related to a security advisory.

UUIDv4 of the comment
UUIDv4 of the Vulnerability-Lookup instance
When the comment was created originally
When the comment was last updated
Title of the comment
Description of the comment
The identifier of the vulnerability (CVE ID, GHSA-ID, PYSEC ID, etc.).



Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
  • Confirmed: The vulnerability is confirmed from an analyst perspective.
  • Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
  • Patched: This vulnerability was successfully patched by the user reporting the sighting.
  • Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
  • Not confirmed: The user expresses doubt about the veracity of the vulnerability.
  • Not patched: This vulnerability was not successfully patched by the user reporting the sighting.