var-202111-1282
Vulnerability from variot
The uri-block plugin in Apache APISIX before 2.10.2 uses $request_uri without verification. The $request_uri is the full original request URI without normalization. This makes it possible to construct a URI that bypasses the block list in some cases. For instance, when the block list contains "^/internal/", a URI like //internal/ can be used to bypass it, because the pattern is matched against the raw URI rather than a normalized path. Some other plugins have the same issue, and it may also affect developers' custom plugins. Apache APISIX contains a command injection vulnerability; information may be obtained. Apache APISIX is a cloud-native microservice API gateway service from the Apache Foundation in the United States. The software is implemented on top of OpenResty and etcd, with dynamic routing and plug-in hot loading, and is suited to API management in a microservice architecture.
Apache APISIX has a security vulnerability that stems from improper design or implementation during the development of network systems or products. No detailed vulnerability information is currently provided.
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", "affected_products": { "@id": "https://www.variotdbs.pl/ref/affected_products" }, "configurations": { "@id": "https://www.variotdbs.pl/ref/configurations" }, "credits": { "@id": "https://www.variotdbs.pl/ref/credits" }, "cvss": { "@id": "https://www.variotdbs.pl/ref/cvss/" }, "description": { "@id": "https://www.variotdbs.pl/ref/description/" }, "exploit_availability": { "@id": "https://www.variotdbs.pl/ref/exploit_availability/" }, "external_ids": { "@id": "https://www.variotdbs.pl/ref/external_ids/" }, "iot": { "@id": "https://www.variotdbs.pl/ref/iot/" }, "iot_taxonomy": { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/" }, "patch": { "@id": "https://www.variotdbs.pl/ref/patch/" }, "problemtype_data": { "@id": "https://www.variotdbs.pl/ref/problemtype_data/" }, "references": { "@id": "https://www.variotdbs.pl/ref/references/" }, "sources": { "@id": "https://www.variotdbs.pl/ref/sources/" }, "sources_release_date": { "@id": "https://www.variotdbs.pl/ref/sources_release_date/" }, "sources_update_date": { "@id": "https://www.variotdbs.pl/ref/sources_update_date/" }, "threat_type": { "@id": "https://www.variotdbs.pl/ref/threat_type/" }, "title": { "@id": "https://www.variotdbs.pl/ref/title/" }, "type": { "@id": "https://www.variotdbs.pl/ref/type/" } }, "@id": "https://www.variotdbs.pl/vuln/VAR-202111-1282", "affected_products": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "model": "apisix", "scope": "lt", "trust": 1.6, "vendor": "apache", "version": "2.10.2" }, { "model": "apisix", "scope": "eq", "trust": 0.8, "vendor": "apache", "version": "2.10.2" }, { "model": "apisix", "scope": "eq", "trust": 0.8, "vendor": "apache", "version": 
null } ], "sources": [ { "db": "CNVD", "id": "CNVD-2021-92472" }, { "db": "JVNDB", "id": "JVNDB-2021-015473" }, { "db": "NVD", "id": "CVE-2021-43557" } ] }, "configurations": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/configurations#", "children": { "@container": "@list" }, "cpe_match": { "@container": "@list" }, "data": { "@container": "@list" }, "nodes": { "@container": "@list" } }, "data": [ { "CVE_data_version": "4.0", "nodes": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:a:apache:apisix:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "2.10.2", "vulnerable": true } ], "operator": "OR" } ] } ], "sources": [ { "db": "NVD", "id": "CVE-2021-43557" } ] }, "cve": "CVE-2021-43557", "cvss": { "@context": { "cvssV2": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2" }, "cvssV3": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/" }, "severity": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#" }, "@id": "https://www.variotdbs.pl/ref/cvss/severity" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "cvssV2": [ { "acInsufInfo": false, "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "author": "NVD", "availabilityImpact": "NONE", "baseScore": 5.0, "confidentialityImpact": "PARTIAL", "exploitabilityScore": 10.0, "impactScore": 2.9, "integrityImpact": "NONE", "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "MEDIUM", "trust": 1.0, "userInteractionRequired": false, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0" }, { "acInsufInfo": null, "accessComplexity": "Low", "accessVector": "Network", 
"authentication": "None", "author": "NVD", "availabilityImpact": "None", "baseScore": 5.0, "confidentialityImpact": "Partial", "exploitabilityScore": null, "id": "CVE-2021-43557", "impactScore": null, "integrityImpact": "None", "obtainAllPrivilege": null, "obtainOtherPrivilege": null, "obtainUserPrivilege": null, "severity": "Medium", "trust": 0.9, "userInteractionRequired": null, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0" }, { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "author": "CNVD", "availabilityImpact": "NONE", "baseScore": 5.0, "confidentialityImpact": "PARTIAL", "exploitabilityScore": 10.0, "id": "CNVD-2021-92472", "impactScore": 2.9, "integrityImpact": "NONE", "severity": "MEDIUM", "trust": 0.6, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0" } ], "cvssV3": [ { "attackComplexity": "LOW", "attackVector": "NETWORK", "author": "NVD", "availabilityImpact": "NONE", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "exploitabilityScore": 3.9, "impactScore": 3.6, "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "trust": 1.0, "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.1" }, { "attackComplexity": "Low", "attackVector": "Network", "author": "NVD", "availabilityImpact": "None", "baseScore": 7.5, "baseSeverity": "High", "confidentialityImpact": "High", "exploitabilityScore": null, "id": "CVE-2021-43557", "impactScore": null, "integrityImpact": "None", "privilegesRequired": "None", "scope": "Unchanged", "trust": 0.8, "userInteraction": "None", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.0" } ], "severity": [ { "author": "NVD", "id": "CVE-2021-43557", "trust": 1.8, "value": "HIGH" }, { "author": "CNVD", "id": "CNVD-2021-92472", "trust": 0.6, "value": "MEDIUM" }, { "author": "CNNVD", "id": "CNNVD-202111-1831", "trust": 0.6, "value": "HIGH" }, { 
"author": "VULMON", "id": "CVE-2021-43557", "trust": 0.1, "value": "MEDIUM" } ] } ], "sources": [ { "db": "CNVD", "id": "CNVD-2021-92472" }, { "db": "VULMON", "id": "CVE-2021-43557" }, { "db": "JVNDB", "id": "JVNDB-2021-015473" }, { "db": "NVD", "id": "CVE-2021-43557" }, { "db": "CNNVD", "id": "CNNVD-202111-1831" } ] }, "description": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "The uri-block plugin in Apache APISIX before 2.10.2 uses $request_uri without verification. The $request_uri is the full original request URI without normalization. This makes it possible to construct a URI to bypass the block list on some occasions. For instance, when the block list contains \"^/internal/\", a URI like `//internal/` can be used to bypass it. Some other plugins also have the same issue. And it may affect the developer\u0027s custom plugin. Apache APISIX Contains a command injection vulnerability.Information may be obtained. Apache Apisix is a cloud-native microservice API gateway service of the Apache Foundation in the United States. The software is implemented based on OpenResty and etcd, with dynamic routing and plug-in hot loading, suitable for API management under the microservice system. \n\r\n\r\nApache APISIX has a security vulnerability, which stems from improper design or implementation issues in the code development process of network systems or products. 
No detailed vulnerability details are currently provided", "sources": [ { "db": "NVD", "id": "CVE-2021-43557" }, { "db": "JVNDB", "id": "JVNDB-2021-015473" }, { "db": "CNVD", "id": "CNVD-2021-92472" }, { "db": "VULMON", "id": "CVE-2021-43557" } ], "trust": 2.25 }, "external_ids": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "db": "NVD", "id": "CVE-2021-43557", "trust": 3.9 }, { "db": "OPENWALL", "id": "OSS-SECURITY/2021/11/22/1", "trust": 2.5 }, { "db": "OPENWALL", "id": "OSS-SECURITY/2021/11/22/2", "trust": 2.5 }, { "db": "OPENWALL", "id": "OSS-SECURITY/2021/11/23/1", "trust": 2.5 }, { "db": "JVNDB", "id": "JVNDB-2021-015473", "trust": 0.8 }, { "db": "CNVD", "id": "CNVD-2021-92472", "trust": 0.6 }, { "db": "CS-HELP", "id": "SB2021112611", "trust": 0.6 }, { "db": "CNNVD", "id": "CNNVD-202111-1831", "trust": 0.6 }, { "db": "VULMON", "id": "CVE-2021-43557", "trust": 0.1 } ], "sources": [ { "db": "CNVD", "id": "CNVD-2021-92472" }, { "db": "VULMON", "id": "CVE-2021-43557" }, { "db": "JVNDB", "id": "JVNDB-2021-015473" }, { "db": "NVD", "id": "CVE-2021-43557" }, { "db": "CNNVD", "id": "CNNVD-202111-1831" } ] }, "id": "VAR-202111-1282", "iot": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": true, "sources": [ { "db": "CNVD", "id": "CNVD-2021-92472" } ], "trust": 1.225 }, "iot_taxonomy": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "category": [ "Network device" ], "sub_category": null, "trust": 0.6 } ], "sources": [ { "db": "CNVD", "id": "CNVD-2021-92472" } ] }, "last_update_date": 
"2023-12-18T13:12:17.793000Z", "patch": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "title": "Path\u00a0traversal\u00a0in\u00a0request_uri\u00a0variable", "trust": 0.8, "url": "https://lists.apache.org/thread/18jyd458ptocr31rnkjs71w4h366mv7h" }, { "title": "Patch for Apache APISIX command injection vulnerability", "trust": 0.6, "url": "https://www.cnvd.org.cn/patchinfo/show/301916" }, { "title": "Apache Apisix Fixes for command injection vulnerabilities", "trust": 0.6, "url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=173024" }, { "title": "", "trust": 0.1, "url": "https://github.com/pen4uin/awesome-vulnerability-research " }, { "title": "", "trust": 0.1, "url": "https://github.com/pen4uin/vulnerability-research-list " } ], "sources": [ { "db": "CNVD", "id": "CNVD-2021-92472" }, { "db": "VULMON", "id": "CVE-2021-43557" }, { "db": "JVNDB", "id": "JVNDB-2021-015473" }, { "db": "CNNVD", "id": "CNNVD-202111-1831" } ] }, "problemtype_data": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "problemtype": "CWE-77", "trust": 1.0 }, { "problemtype": "Command injection (CWE-77) [NVD evaluation ]", "trust": 0.8 } ], "sources": [ { "db": "JVNDB", "id": "JVNDB-2021-015473" }, { "db": "NVD", "id": "CVE-2021-43557" } ] }, "references": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "trust": 2.5, "url": "http://www.openwall.com/lists/oss-security/2021/11/22/2" }, { "trust": 2.5, "url": "http://www.openwall.com/lists/oss-security/2021/11/22/1" }, { "trust": 2.5, "url": 
"http://www.openwall.com/lists/oss-security/2021/11/23/1" }, { "trust": 2.0, "url": "https://nvd.nist.gov/vuln/detail/cve-2021-43557" }, { "trust": 1.7, "url": "https://lists.apache.org/thread/18jyd458ptocr31rnkjs71w4h366mv7h" }, { "trust": 0.6, "url": "https://www.cybersecurity-help.cz/vdb/sb2021112611" }, { "trust": 0.1, "url": "https://cwe.mitre.org/data/definitions/77.html" }, { "trust": 0.1, "url": "https://nvd.nist.gov" }, { "trust": 0.1, "url": "http://seclists.org/oss-sec/2021/q4/126" } ], "sources": [ { "db": "CNVD", "id": "CNVD-2021-92472" }, { "db": "VULMON", "id": "CVE-2021-43557" }, { "db": "JVNDB", "id": "JVNDB-2021-015473" }, { "db": "NVD", "id": "CVE-2021-43557" }, { "db": "CNNVD", "id": "CNNVD-202111-1831" } ] }, "sources": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", "data": { "@container": "@list" } }, "data": [ { "db": "CNVD", "id": "CNVD-2021-92472" }, { "db": "VULMON", "id": "CVE-2021-43557" }, { "db": "JVNDB", "id": "JVNDB-2021-015473" }, { "db": "NVD", "id": "CVE-2021-43557" }, { "db": "CNNVD", "id": "CNNVD-202111-1831" } ] }, "sources_release_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2021-11-30T00:00:00", "db": "CNVD", "id": "CNVD-2021-92472" }, { "date": "2021-11-22T00:00:00", "db": "VULMON", "id": "CVE-2021-43557" }, { "date": "2022-11-22T00:00:00", "db": "JVNDB", "id": "JVNDB-2021-015473" }, { "date": "2021-11-22T09:15:07.627000", "db": "NVD", "id": "CVE-2021-43557" }, { "date": "2021-11-22T00:00:00", "db": "CNNVD", "id": "CNNVD-202111-1831" } ] }, "sources_update_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2021-11-30T00:00:00", "db": "CNVD", "id": "CNVD-2021-92472" }, { "date": "2021-11-26T00:00:00", "db": "VULMON", "id": "CVE-2021-43557" }, { "date": "2022-11-22T01:47:00", "db": "JVNDB", "id": "JVNDB-2021-015473" 
}, { "date": "2021-11-26T15:47:02.063000", "db": "NVD", "id": "CVE-2021-43557" }, { "date": "2021-12-07T00:00:00", "db": "CNNVD", "id": "CNNVD-202111-1831" } ] }, "threat_type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "remote", "sources": [ { "db": "CNNVD", "id": "CNNVD-202111-1831" } ], "trust": 0.6 }, "title": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Apache APISIX command injection vulnerability", "sources": [ { "db": "CNVD", "id": "CNVD-2021-92472" }, { "db": "CNNVD", "id": "CNNVD-202111-1831" } ], "trust": 1.2 }, "type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "command injection", "sources": [ { "db": "CNNVD", "id": "CNNVD-202111-1831" } ], "trust": 0.6 } }