var-202112-0385
Vulnerability from variot

ModSecurity 3.x through 3.0.5 mishandles excessively nested JSON objects. Crafted JSON objects with nesting tens-of-thousands deep could result in the web server being unable to service legitimate requests. Even a moderately large (e.g., 300KB) HTTP request can occupy one of the limited NGINX worker processes for minutes and consume almost all of the available CPU on the machine. Modsecurity 2 is similarly vulnerable: the affected versions include 2.8.0 through 2.9.4. ModSecurity Exists in a recursive control vulnerability.Service operation interruption (DoS) It may be in a state. ModSecurity is an intrusion detection and prevention engine that can run as a module of the Apache web server or as a separate application to enhance the security of web applications and protect web applications from known and unknown attacks. The update introduces a new 'SecRequestBodyJsonDepthLimit' option to limit the maximum request body JSON parsing depth which ModSecurity will accept (defaults to 10000).

For the oldstable distribution (buster), this problem has been fixed in version 2.9.3-1+deb10u1.

For the stable distribution (bullseye), this problem has been fixed in version 2.9.3-3+deb11u1.

We recommend that you upgrade your modsecurity-apache packages.

For the detailed security status of modsecurity-apache please refer to its security tracker page at: https://security-tracker.debian.org/tracker/modsecurity-apache

Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: https://www.debian.org/security/

Mailing list: debian-security-announce@lists.debian.org -----BEGIN PGP SIGNATURE-----

iQKTBAEBCgB9FiEERkRAmAjBceBVMd3uBUy48xNDz0QFAmG93fFfFIAAAAAALgAo aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDQ2 NDQ0MDk4MDhDMTcxRTA1NTMxRERFRTA1NENCOEYzMTM0M0NGNDQACgkQBUy48xND z0TISQ/9FDNX/GMbzanT4mYbAIXAbQ8tHGJhJVifHwnM8VcUv5xCecJDsHs5rg65 XSgAw7kyG17TotGrU+m8rhqbNrwcCnPAI5YqcxSKASim1Seu7Teayle+bDDTraHQ oTpNGaZ1aTaKtsQ3+TpHmsOoMcBivGX+ay7GldRO3krebAVAZEx8Y824tt/2jer5 XEM5XXkQA8fjRyr8K/JpdxivGCRL20KKg3dOLrUrw6UP8l/avd66ORGxCWRQ4abN RoCu2NkZul558kYa7q95DJy1Hwa0OHygq+wjeQnojJMsup/WD+YcRclbEJsEVG/s DEr3mYvekgtn0UlaRJWJNtknqUNHg67rts3wwlmXOLsLg1Darjm5HiowUMy8cki0 jvST+Zb5UdGO02Fj5xch/lP1VABpcra19+XGs1yNrAXhiE7FUZMCXlZqRgRKWx5O ueKIP7PAEp9TIaOA+H33y9y3EAWnM2l3BbstBV28d8rBecIHzRnkd4HQ2XgTh1Sd rM4a5KmADtWAdya4aRev1Qyr3qBEEU8q4A1TRMRLvBHosIETr6P0//+0dua97oE/ C8+sHm+CLo6scuD65Xpuyjv/zHPuxXSXN/Fkp6qgxhcH7MGwRbXx8JwsAWmGfWSL pjAcO7UMz0dLCR8hxpzsGLgjKQVC/STyh+ufHK5oEid41Z4PW60= =9Flq -----END PGP SIGNATURE----- . ========================================================================== Ubuntu Security Notice USN-6370-1 September 14, 2023

modsecurity-apache vulnerabilities

A security issue affects these releases of Ubuntu and its derivatives:

  • Ubuntu 22.04 LTS (Available with Ubuntu Pro)
  • Ubuntu 20.04 LTS
  • Ubuntu 18.04 LTS (Available with Ubuntu Pro)
  • Ubuntu 16.04 LTS (Available with Ubuntu Pro)
  • Ubuntu 14.04 LTS (Available with Ubuntu Pro)

Summary:

Several security issues were fixed in ModSecurity.

Software Description: - modsecurity-apache: Tighten web applications security for Apache

Details:

It was discovered that ModSecurity incorrectly handled certain nested JSON objects. An attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 16.04 LTS, Ubuntu 18.04 LTS and Ubuntu 20.04 LTS. (CVE-2021-42717)

It was discovered that ModSecurity incorrectly handled certain HTTP multipart requests. A remote attacker could possibly use this issue to bypass ModSecurity restrictions. (CVE-2022-48279)

It was discovered that ModSecurity incorrectly handled certain file uploads. A remote attacker could possibly use this issue to cause a buffer overflow and a firewall failure. This issue only affected Ubuntu 16.04 LTS, Ubuntu 18.04 LTS, Ubuntu 20.04 LTS and Ubuntu 22.04 LTS. (CVE-2023-24021)

Update instructions:

The problem can be corrected by updating your system to the following package versions:

Ubuntu 22.04 LTS (Available with Ubuntu Pro): libapache2-mod-security2 2.9.5-1ubuntu0.1~esm1

Ubuntu 20.04 LTS: libapache2-mod-security2 2.9.3-1ubuntu0.1

Ubuntu 18.04 LTS (Available with Ubuntu Pro): libapache2-mod-security2 2.9.2-1ubuntu0.1~esm1

Ubuntu 16.04 LTS (Available with Ubuntu Pro): libapache2-mod-security2 2.9.0-1ubuntu0.1~esm1 libapache2-modsecurity 2.9.0-1ubuntu0.1~esm1

Ubuntu 14.04 LTS (Available with Ubuntu Pro): libapache2-mod-security2 2.7.7-2ubuntu0.1~esm1 libapache2-modsecurity 2.7.7-2ubuntu0.1~esm1

In general, a standard system update will make all the necessary changes.

References: https://ubuntu.com/security/notices/USN-6370-1 CVE-2021-42717, CVE-2022-48279, CVE-2023-24021

Package Information: https://launchpad.net/ubuntu/+source/modsecurity-apache/2.9.3-1ubuntu0.1

Show details on source website


{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "configurations": {
      "@id": "https://www.variotdbs.pl/ref/configurations"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-202112-0385",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": "http server",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "oracle",
        "version": "12.2.1.3.0"
      },
      {
        "model": "modsecurity",
        "scope": "gte",
        "trust": 1.0,
        "vendor": "trustwave",
        "version": "3.0.0"
      },
      {
        "model": "modsecurity",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "trustwave",
        "version": "3.0.6"
      },
      {
        "model": "modsecurity",
        "scope": "gte",
        "trust": 1.0,
        "vendor": "trustwave",
        "version": "2.0.0"
      },
      {
        "model": "linux",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "debian",
        "version": "10.0"
      },
      {
        "model": "linux",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "debian",
        "version": "11.0"
      },
      {
        "model": "nginx modsecurity waf",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "f5",
        "version": "r25"
      },
      {
        "model": "modsecurity",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "trustwave",
        "version": "2.9.5"
      },
      {
        "model": "linux",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "debian",
        "version": "9.0"
      },
      {
        "model": "http server",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "oracle",
        "version": "12.2.1.4.0"
      },
      {
        "model": "zfs storage appliance kit",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "oracle",
        "version": "8.8"
      },
      {
        "model": "nginx modsecurity waf",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "f5",
        "version": "r24"
      },
      {
        "model": "zfs storage appliance kit",
        "scope": null,
        "trust": 0.8,
        "vendor": "\u30aa\u30e9\u30af\u30eb",
        "version": null
      },
      {
        "model": "oracle http server",
        "scope": null,
        "trust": 0.8,
        "vendor": "\u30aa\u30e9\u30af\u30eb",
        "version": null
      },
      {
        "model": "modsecurity",
        "scope": null,
        "trust": 0.8,
        "vendor": "trustwave",
        "version": null
      },
      {
        "model": "gnu/linux",
        "scope": null,
        "trust": 0.8,
        "vendor": "debian",
        "version": null
      },
      {
        "model": "nginx modsecurity waf",
        "scope": null,
        "trust": 0.8,
        "vendor": "f5",
        "version": null
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2021-016135"
      },
      {
        "db": "NVD",
        "id": "CVE-2021-42717"
      }
    ]
  },
  "configurations": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/configurations#",
      "children": {
        "@container": "@list"
      },
      "cpe_match": {
        "@container": "@list"
      },
      "data": {
        "@container": "@list"
      },
      "nodes": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:trustwave:modsecurity:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndExcluding": "2.9.5",
                "versionStartIncluding": "2.0.0",
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:trustwave:modsecurity:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndExcluding": "3.0.6",
                "versionStartIncluding": "3.0.0",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          },
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:f5:nginx_modsecurity_waf:r25:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:f5:nginx_modsecurity_waf:r24:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          },
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          },
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:oracle:http_server:12.2.1.3.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:http_server:12.2.1.4.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:zfs_storage_appliance_kit:8.8:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2021-42717"
      }
    ]
  },
  "credits": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/credits#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Debian",
    "sources": [
      {
        "db": "PACKETSTORM",
        "id": "169177"
      }
    ],
    "trust": 0.1
  },
  "cve": "CVE-2021-42717",
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [
          {
            "acInsufInfo": false,
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "NVD",
            "availabilityImpact": "PARTIAL",
            "baseScore": 5.0,
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 10.0,
            "impactScore": 2.9,
            "integrityImpact": "NONE",
            "obtainAllPrivilege": false,
            "obtainOtherPrivilege": false,
            "obtainUserPrivilege": false,
            "severity": "MEDIUM",
            "trust": 1.0,
            "userInteractionRequired": false,
            "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
            "version": "2.0"
          },
          {
            "acInsufInfo": null,
            "accessComplexity": "Low",
            "accessVector": "Network",
            "authentication": "None",
            "author": "NVD",
            "availabilityImpact": "Partial",
            "baseScore": 5.0,
            "confidentialityImpact": "None",
            "exploitabilityScore": null,
            "id": "CVE-2021-42717",
            "impactScore": null,
            "integrityImpact": "None",
            "obtainAllPrivilege": null,
            "obtainOtherPrivilege": null,
            "obtainUserPrivilege": null,
            "severity": "Medium",
            "trust": 0.9,
            "userInteractionRequired": null,
            "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
            "version": "2.0"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "VULHUB",
            "availabilityImpact": "PARTIAL",
            "baseScore": 5.0,
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 10.0,
            "id": "VHN-403784",
            "impactScore": 2.9,
            "integrityImpact": "NONE",
            "severity": "MEDIUM",
            "trust": 0.1,
            "vectorString": "AV:N/AC:L/AU:N/C:N/I:N/A:P",
            "version": "2.0"
          }
        ],
        "cvssV3": [
          {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "author": "NVD",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 3.9,
            "impactScore": 3.6,
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "trust": 1.0,
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          {
            "attackComplexity": "Low",
            "attackVector": "Network",
            "author": "NVD",
            "availabilityImpact": "High",
            "baseScore": 7.5,
            "baseSeverity": "High",
            "confidentialityImpact": "None",
            "exploitabilityScore": null,
            "id": "CVE-2021-42717",
            "impactScore": null,
            "integrityImpact": "None",
            "privilegesRequired": "None",
            "scope": "Unchanged",
            "trust": 0.8,
            "userInteraction": "None",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.0"
          }
        ],
        "severity": [
          {
            "author": "NVD",
            "id": "CVE-2021-42717",
            "trust": 1.8,
            "value": "HIGH"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-202112-519",
            "trust": 0.6,
            "value": "HIGH"
          },
          {
            "author": "VULHUB",
            "id": "VHN-403784",
            "trust": 0.1,
            "value": "MEDIUM"
          },
          {
            "author": "VULMON",
            "id": "CVE-2021-42717",
            "trust": 0.1,
            "value": "MEDIUM"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-403784"
      },
      {
        "db": "VULMON",
        "id": "CVE-2021-42717"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2021-016135"
      },
      {
        "db": "NVD",
        "id": "CVE-2021-42717"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202112-519"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "ModSecurity 3.x through 3.0.5 mishandles excessively nested JSON objects. Crafted JSON objects with nesting tens-of-thousands deep could result in the web server being unable to service legitimate requests. Even a moderately large (e.g., 300KB) HTTP request can occupy one of the limited NGINX worker processes for minutes and consume almost all of the available CPU on the machine. Modsecurity 2 is similarly vulnerable: the affected versions include 2.8.0 through 2.9.4. ModSecurity Exists in a recursive control vulnerability.Service operation interruption (DoS) It may be in a state. ModSecurity is an intrusion detection and prevention engine that can run as a module of the Apache web server or as a separate application to enhance the security of web applications and protect web applications from known and unknown attacks. The update\nintroduces a new \u0027SecRequestBodyJsonDepthLimit\u0027 option to limit the\nmaximum request body JSON parsing depth which ModSecurity will accept\n(defaults to 10000). \n\nFor the oldstable distribution (buster), this problem has been fixed\nin version 2.9.3-1+deb10u1. \n\nFor the stable distribution (bullseye), this problem has been fixed in\nversion 2.9.3-3+deb11u1. \n\nWe recommend that you upgrade your modsecurity-apache packages. \n\nFor the detailed security status of modsecurity-apache please refer to\nits security tracker page at:\nhttps://security-tracker.debian.org/tracker/modsecurity-apache\n\nFurther information about Debian Security Advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: https://www.debian.org/security/\n\nMailing list: debian-security-announce@lists.debian.org\n-----BEGIN PGP SIGNATURE-----\n\niQKTBAEBCgB9FiEERkRAmAjBceBVMd3uBUy48xNDz0QFAmG93fFfFIAAAAAALgAo\naXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDQ2\nNDQ0MDk4MDhDMTcxRTA1NTMxRERFRTA1NENCOEYzMTM0M0NGNDQACgkQBUy48xND\nz0TISQ/9FDNX/GMbzanT4mYbAIXAbQ8tHGJhJVifHwnM8VcUv5xCecJDsHs5rg65\nXSgAw7kyG17TotGrU+m8rhqbNrwcCnPAI5YqcxSKASim1Seu7Teayle+bDDTraHQ\noTpNGaZ1aTaKtsQ3+TpHmsOoMcBivGX+ay7GldRO3krebAVAZEx8Y824tt/2jer5\nXEM5XXkQA8fjRyr8K/JpdxivGCRL20KKg3dOLrUrw6UP8l/avd66ORGxCWRQ4abN\nRoCu2NkZul558kYa7q95DJy1Hwa0OHygq+wjeQnojJMsup/WD+YcRclbEJsEVG/s\nDEr3mYvekgtn0UlaRJWJNtknqUNHg67rts3wwlmXOLsLg1Darjm5HiowUMy8cki0\njvST+Zb5UdGO02Fj5xch/lP1VABpcra19+XGs1yNrAXhiE7FUZMCXlZqRgRKWx5O\nueKIP7PAEp9TIaOA+H33y9y3EAWnM2l3BbstBV28d8rBecIHzRnkd4HQ2XgTh1Sd\nrM4a5KmADtWAdya4aRev1Qyr3qBEEU8q4A1TRMRLvBHosIETr6P0//+0dua97oE/\nC8+sHm+CLo6scuD65Xpuyjv/zHPuxXSXN/Fkp6qgxhcH7MGwRbXx8JwsAWmGfWSL\npjAcO7UMz0dLCR8hxpzsGLgjKQVC/STyh+ufHK5oEid41Z4PW60=\n=9Flq\n-----END PGP SIGNATURE-----\n. ==========================================================================\nUbuntu Security Notice USN-6370-1\nSeptember 14, 2023\n\nmodsecurity-apache vulnerabilities\n==========================================================================\n\nA security issue affects these releases of Ubuntu and its derivatives:\n\n- Ubuntu 22.04 LTS (Available with Ubuntu Pro)\n- Ubuntu 20.04 LTS\n- Ubuntu 18.04 LTS (Available with Ubuntu Pro)\n- Ubuntu 16.04 LTS (Available with Ubuntu Pro)\n- Ubuntu 14.04 LTS (Available with Ubuntu Pro)\n\nSummary:\n\nSeveral security issues were fixed in ModSecurity. \n\nSoftware Description:\n- modsecurity-apache: Tighten web applications security for Apache\n\nDetails:\n\nIt was discovered that ModSecurity incorrectly handled certain nested JSON\nobjects. An attacker could possibly use this issue to cause a denial\nof service. This issue only affected Ubuntu 16.04 LTS, Ubuntu 18.04 LTS\nand Ubuntu 20.04 LTS. (CVE-2021-42717)\n\nIt was discovered that ModSecurity incorrectly handled certain HTTP\nmultipart requests. A remote attacker could possibly use this issue\nto bypass ModSecurity restrictions. (CVE-2022-48279)\n\nIt was discovered that ModSecurity incorrectly handled certain file\nuploads. A remote attacker could possibly use this issue to cause a\nbuffer overflow and a firewall failure. This issue only affected\nUbuntu 16.04 LTS, Ubuntu 18.04 LTS, Ubuntu 20.04 LTS and Ubuntu 22.04 LTS. \n(CVE-2023-24021)\n\nUpdate instructions:\n\nThe problem can be corrected by updating your system to the following\npackage versions:\n\nUbuntu 22.04 LTS (Available with Ubuntu Pro):\n   libapache2-mod-security2        2.9.5-1ubuntu0.1~esm1\n\nUbuntu 20.04 LTS:\n   libapache2-mod-security2        2.9.3-1ubuntu0.1\n\nUbuntu 18.04 LTS (Available with Ubuntu Pro):\n   libapache2-mod-security2        2.9.2-1ubuntu0.1~esm1\n\nUbuntu 16.04 LTS (Available with Ubuntu Pro):\n   libapache2-mod-security2        2.9.0-1ubuntu0.1~esm1\n   libapache2-modsecurity          2.9.0-1ubuntu0.1~esm1\n\nUbuntu 14.04 LTS (Available with Ubuntu Pro):\n   libapache2-mod-security2        2.7.7-2ubuntu0.1~esm1\n   libapache2-modsecurity          2.7.7-2ubuntu0.1~esm1\n\nIn general, a standard system update will make all the necessary changes. \n\nReferences:\n   https://ubuntu.com/security/notices/USN-6370-1\n   CVE-2021-42717, CVE-2022-48279, CVE-2023-24021\n\nPackage Information:\n   https://launchpad.net/ubuntu/+source/modsecurity-apache/2.9.3-1ubuntu0.1\n\n",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2021-42717"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2021-016135"
      },
      {
        "db": "VULHUB",
        "id": "VHN-403784"
      },
      {
        "db": "VULMON",
        "id": "CVE-2021-42717"
      },
      {
        "db": "PACKETSTORM",
        "id": "169177"
      },
      {
        "db": "PACKETSTORM",
        "id": "174673"
      }
    ],
    "trust": 1.98
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "NVD",
        "id": "CVE-2021-42717",
        "trust": 3.6
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2021-016135",
        "trust": 0.8
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202112-519",
        "trust": 0.7
      },
      {
        "db": "PACKETSTORM",
        "id": "169177",
        "trust": 0.7
      },
      {
        "db": "AUSCERT",
        "id": "ESB-2021.4312",
        "trust": 0.6
      },
      {
        "db": "CS-HELP",
        "id": "SB2021121901",
        "trust": 0.6
      },
      {
        "db": "VULHUB",
        "id": "VHN-403784",
        "trust": 0.1
      },
      {
        "db": "VULMON",
        "id": "CVE-2021-42717",
        "trust": 0.1
      },
      {
        "db": "PACKETSTORM",
        "id": "174673",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-403784"
      },
      {
        "db": "VULMON",
        "id": "CVE-2021-42717"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2021-016135"
      },
      {
        "db": "PACKETSTORM",
        "id": "169177"
      },
      {
        "db": "PACKETSTORM",
        "id": "174673"
      },
      {
        "db": "NVD",
        "id": "CVE-2021-42717"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202112-519"
      }
    ]
  },
  "id": "VAR-202112-0385",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-403784"
      }
    ],
    "trust": 0.01
  },
  "last_update_date": "2023-12-18T10:52:44.283000Z",
  "patch": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/patch#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "title": "Oracle\u00a0Critical\u00a0Patch\u00a0Update\u00a0Advisory\u00a0-\u00a0April\u00a02022",
        "trust": 0.8,
        "url": "https://lists.debian.org/debian-lts-announce/2022/05/msg00042.html"
      },
      {
        "title": "Debian Security Advisories: DSA-5023-1 modsecurity-apache -- security update",
        "trust": 0.1,
        "url": "https://vulmon.com/vendoradvisory?qidtp=debian_security_advisories\u0026qid=76c1c060a3657c796d670a8c1cc60cc8"
      },
      {
        "title": "",
        "trust": 0.1,
        "url": "https://github.com/ekamsinghwalia/detection-and-mitigation-script-for-cve-2021-42717 "
      }
    ],
    "sources": [
      {
        "db": "VULMON",
        "id": "CVE-2021-42717"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2021-016135"
      }
    ]
  },
  "problemtype_data": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "problemtype": "CWE-674",
        "trust": 1.1
      },
      {
        "problemtype": "Inappropriate recursive control (CWE-674) [NVD evaluation ]",
        "trust": 0.8
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-403784"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2021-016135"
      },
      {
        "db": "NVD",
        "id": "CVE-2021-42717"
      }
    ]
  },
  "references": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/references#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "trust": 1.9,
        "url": "https://www.debian.org/security/2021/dsa-5023"
      },
      {
        "trust": 1.8,
        "url": "https://www.oracle.com/security-alerts/cpuapr2022.html"
      },
      {
        "trust": 1.8,
        "url": "https://www.trustwave.com/en-us/resources/blogs/spiderlabs-blog/modsecurity-dos-vulnerability-in-json-parsing-cve-2021-42717/"
      },
      {
        "trust": 1.8,
        "url": "https://lists.debian.org/debian-lts-announce/2022/05/msg00042.html"
      },
      {
        "trust": 1.0,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2021-42717"
      },
      {
        "trust": 0.6,
        "url": "https://www.auscert.org.au/bulletins/esb-2021.4312"
      },
      {
        "trust": 0.6,
        "url": "https://packetstormsecurity.com/files/169177/debian-security-advisory-5023-1.html"
      },
      {
        "trust": 0.6,
        "url": "https://www.cybersecurity-help.cz/vdb/sb2021121901"
      },
      {
        "trust": 0.6,
        "url": "https://vigilance.fr/vulnerability/modsecurity-overload-via-nested-json-objects-37106"
      },
      {
        "trust": 0.1,
        "url": "https://cwe.mitre.org/data/definitions/674.html"
      },
      {
        "trust": 0.1,
        "url": "https://github.com/ekamsinghwalia/detection-and-mitigation-script-for-cve-2021-42717"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov"
      },
      {
        "trust": 0.1,
        "url": "https://www.debian.org/security/faq"
      },
      {
        "trust": 0.1,
        "url": "https://security-tracker.debian.org/tracker/modsecurity-apache"
      },
      {
        "trust": 0.1,
        "url": "https://www.debian.org/security/"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2022-48279"
      },
      {
        "trust": 0.1,
        "url": "https://ubuntu.com/security/notices/usn-6370-1"
      },
      {
        "trust": 0.1,
        "url": "https://launchpad.net/ubuntu/+source/modsecurity-apache/2.9.3-1ubuntu0.1"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2023-24021"
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-403784"
      },
      {
        "db": "VULMON",
        "id": "CVE-2021-42717"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2021-016135"
      },
      {
        "db": "PACKETSTORM",
        "id": "169177"
      },
      {
        "db": "PACKETSTORM",
        "id": "174673"
      },
      {
        "db": "NVD",
        "id": "CVE-2021-42717"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202112-519"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "VULHUB",
        "id": "VHN-403784"
      },
      {
        "db": "VULMON",
        "id": "CVE-2021-42717"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2021-016135"
      },
      {
        "db": "PACKETSTORM",
        "id": "169177"
      },
      {
        "db": "PACKETSTORM",
        "id": "174673"
      },
      {
        "db": "NVD",
        "id": "CVE-2021-42717"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202112-519"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2021-12-07T00:00:00",
        "db": "VULHUB",
        "id": "VHN-403784"
      },
      {
        "date": "2021-12-07T00:00:00",
        "db": "VULMON",
        "id": "CVE-2021-42717"
      },
      {
        "date": "2022-12-07T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2021-016135"
      },
      {
        "date": "2021-12-28T20:12:00",
        "db": "PACKETSTORM",
        "id": "169177"
      },
      {
        "date": "2023-09-15T13:52:07",
        "db": "PACKETSTORM",
        "id": "174673"
      },
      {
        "date": "2021-12-07T22:15:06.950000",
        "db": "NVD",
        "id": "CVE-2021-42717"
      },
      {
        "date": "2021-12-07T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-202112-519"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2022-09-03T00:00:00",
        "db": "VULHUB",
        "id": "VHN-403784"
      },
      {
        "date": "2022-09-03T00:00:00",
        "db": "VULMON",
        "id": "CVE-2021-42717"
      },
      {
        "date": "2022-12-07T05:40:00",
        "db": "JVNDB",
        "id": "JVNDB-2021-016135"
      },
      {
        "date": "2022-09-03T03:33:10.373000",
        "db": "NVD",
        "id": "CVE-2021-42717"
      },
      {
        "date": "2022-12-09T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-202112-519"
      }
    ]
  },
  "threat_type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "remote",
    "sources": [
      {
        "db": "PACKETSTORM",
        "id": "174673"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202112-519"
      }
    ],
    "trust": 0.7
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "ModSecurity\u00a0 Recursion control vulnerability in",
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2021-016135"
      }
    ],
    "trust": 0.8
  },
  "type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "other",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-202112-519"
      }
    ],
    "trust": 0.6
  }
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.


Loading…

Loading…

Loading…

Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
  • Confirmed: The vulnerability is confirmed from an analyst perspective.
  • Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
  • Patched: This vulnerability was successfully patched by the user reporting the sighting.
  • Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
  • Not confirmed: The user expresses doubt about the veracity of the vulnerability.
  • Not patched: This vulnerability was not successfully patched by the user reporting the sighting.