FKIE_CVE-2022-1561

Vulnerability from fkie_nvd - Published: 2022-08-01 13:15 - Updated: 2024-11-21 06:40
Severity ?
4.0 (Medium) - CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:N/A:N
4.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
Summary
Lura and KrakenD-CE versions older than v2.0.2 and KrakenD-EE versions older than v2.0.0 do not sanitize URL parameters correctly, allowing a malicious user to alter the backend URL defined for a pipe when remote users send crafty URL requests. The vulnerability does not affect KrakenD itself, but the consumed backend might be vulnerable.
References
cve-coordination@incibe.eshttps://www.incibe-cert.es/en/early-warning/security-advisories/crafted-backend-urls-lura-projectThird Party Advisory
cve-coordination@incibe.eshttps://www.krakend.io/blog/cve-2022-1561-crafted-backend-urls/Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108https://www.incibe-cert.es/en/early-warning/security-advisories/crafted-backend-urls-lura-projectThird Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://www.krakend.io/blog/cve-2022-1561-crafted-backend-urls/Vendor Advisory
Impacted products
Vendor Product Version
krakend krakend *
krakend krakend *
luraproject lura *
To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:krakend:krakend:*:*:*:*:enterprise:*:*:*",
              "matchCriteriaId": "3A6E0144-4F80-47D1-800E-809580D1C525",
              "versionEndExcluding": "2.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:krakend:krakend:*:*:*:*:community:*:*:*",
              "matchCriteriaId": "55A063F9-8673-4B66-900F-A3B19E06777A",
              "versionEndIncluding": "2.0.2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:luraproject:lura:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "E961C753-02DB-473E-9D24-6B9B400B8AE9",
              "versionEndExcluding": "2.0.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Lura and KrakenD-CE versions older than v2.0.2 and KrakenD-EE versions older than v2.0.0 do not sanitize URL parameters correctly, allowing a malicious user to alter the backend URL defined for a pipe when remote users send crafty URL requests. The vulnerability does not affect KrakenD itself, but the consumed backend might be vulnerable."
    },
    {
      "lang": "es",
      "value": "Lura y KrakenD-CE versiones anteriores a v2.0.2 y KrakenD-EE versiones anteriores a v2.0.0, no sanean los par\u00e1metros de la URL, lo que permite a un usuario malicioso alterar la URL del backend definida para una tuber\u00eda cuando los usuarios remotos env\u00edan peticiones de URL astutas. La vulnerabilidad no afecta al propio KrakenD, pero el backend consumido podr\u00eda ser vulnerable"
    }
  ],
  "id": "CVE-2022-1561",
  "lastModified": "2024-11-21T06:40:58.340",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "HIGH",
          "attackVector": "NETWORK",
          "availabilityImpact": "NONE",
          "baseScore": 4.0,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "LOW",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "CHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:N/A:N",
          "version": "3.1"
        },
        "exploitabilityScore": 2.2,
        "impactScore": 1.4,
        "source": "cve-coordination@incibe.es",
        "type": "Secondary"
      },
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "NONE",
          "baseScore": 4.3,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "NONE",
          "integrityImpact": "LOW",
          "privilegesRequired": "LOW",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N",
          "version": "3.1"
        },
        "exploitabilityScore": 2.8,
        "impactScore": 1.4,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2022-08-01T13:15:09.810",
  "references": [
    {
      "source": "cve-coordination@incibe.es",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://www.incibe-cert.es/en/early-warning/security-advisories/crafted-backend-urls-lura-project"
    },
    {
      "source": "cve-coordination@incibe.es",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://www.krakend.io/blog/cve-2022-1561-crafted-backend-urls/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://www.incibe-cert.es/en/early-warning/security-advisories/crafted-backend-urls-lura-project"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://www.krakend.io/blog/cve-2022-1561-crafted-backend-urls/"
    }
  ],
  "sourceIdentifier": "cve-coordination@incibe.es",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-471"
        }
      ],
      "source": "cve-coordination@incibe.es",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-Other"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.



Detection rules are retrieved from Rulezet.