CVE-2021-22113 - OpenCVE

Applications using the “Sensitive Headers” functionality in Spring Cloud Netflix Zuul 2.2.6.RELEASE and below may be vulnerable to bypassing the “Sensitive Headers” restriction when executing requests with specially constructed URLs. Applications that use Spring Security's StrictHttpFirewall (enabled by default for all URLs) are not affected by the vulnerability, as they reject requests that allow bypassing.

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact None

Integrity Impact Low

Availability Impact None

User Interaction None

No CVSS v3.0

Access Vector Network

Access Complexity Medium

Authentication None

Confidentiality Impact None

Integrity Impact Partial

Availability Impact None

AV:N/AC:M/Au:N/C:N/I:P/A:N

Vendors & Products
CPE Configurations

Vendors	Products
Vmware	Spring Cloud Netflix Zuul

Configuration 1 [-]

cpe:2.3:a:vmware:spring_cloud_netflix_zuul:*:*:*:*:*:*:*:*

References

Link	Resource
https://tanzu.vmware.com/security/cve-2021-22113	Vendor Advisory

History

No history.

MITRE Information

Status: PUBLISHED

Assigner: vmware

Published: 2021-02-23T16:04:45

Updated: 2021-02-23T16:04:45

Reserved: 2021-01-04T00:00:00

Link: CVE-2021-22113

JSON object: View

NVD Information

Status : Analyzed

Published: 2021-02-23T17:15:13.833

Modified: 2021-03-02T15:44:14.237

Link: CVE-2021-22113

JSON object: View

Redhat Information

No data.

CWE

CWE-863

{"containers": {"cna": {"affected": [{"product": "Spring Cloud Netflix Zuul", "vendor": "n/a", "versions": [{"status": "affected", "version": "2.2.6 and below"}]}], "descriptions": [{"lang": "en", "value": "Applications using the \u201cSensitive Headers\u201d functionality in Spring Cloud Netflix Zuul 2.2.6.RELEASE and below may be vulnerable to bypassing the \u201cSensitive Headers\u201d restriction when executing requests with specially constructed URLs. Applications that use Spring Security's StrictHttpFirewall (enabled by default for all URLs) are not affected by the vulnerability, as they reject requests that allow bypassing."}], "problemTypes": [{"descriptions": [{"description": "Sensitive Headers restriction bypass", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2021-02-23T16:04:45", "orgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d", "shortName": "vmware"}, "references": [{"tags": ["x_refsource_CONFIRM"], "url": "https://tanzu.vmware.com/security/cve-2021-22113"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "security@vmware.com", "ID": "CVE-2021-22113", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "Spring Cloud Netflix Zuul", "version": {"version_data": [{"version_value": "2.2.6 and below"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Applications using the \u201cSensitive Headers\u201d functionality in Spring Cloud Netflix Zuul 2.2.6.RELEASE and below may be vulnerable to bypassing the \u201cSensitive Headers\u201d restriction when executing requests with specially constructed URLs. Applications that use Spring Security's StrictHttpFirewall (enabled by default for all URLs) are not affected by the vulnerability, as they reject requests that allow bypassing."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "Sensitive Headers restriction bypass"}]}]}, "references": {"reference_data": [{"name": "https://tanzu.vmware.com/security/cve-2021-22113", "refsource": "CONFIRM", "url": "https://tanzu.vmware.com/security/cve-2021-22113"}]}}}}, "cveMetadata": {"assignerOrgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d", "assignerShortName": "vmware", "cveId": "CVE-2021-22113", "datePublished": "2021-02-23T16:04:45", "dateReserved": "2021-01-04T00:00:00", "dateUpdated": "2021-02-23T16:04:45", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.0"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:vmware:spring_cloud_netflix_zuul:*:*:*:*:*:*:*:*", "matchCriteriaId": "F2CDA0AD-BEFC-446E-A2E1-918A75AA47E2", "versionEndIncluding": "2.2.6", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "Applications using the \u201cSensitive Headers\u201d functionality in Spring Cloud Netflix Zuul 2.2.6.RELEASE and below may be vulnerable to bypassing the \u201cSensitive Headers\u201d restriction when executing requests with specially constructed URLs. Applications that use Spring Security's StrictHttpFirewall (enabled by default for all URLs) are not affected by the vulnerability, as they reject requests that allow bypassing."}, {"lang": "es", "value": "Unas aplicaciones que usan la funcionalidad de \"Sensitive Headers\" en Spring Cloud Netflix Zuul versiones 2.2.6.RELEASE y anteriores, pueden ser vulnerables al omitir la restricci\u00f3n \"Sensitive Headers\" cuando se ejecutan peticiones con URL especialmente construidas. Unas aplicaciones que usan StrictHttpFirewall de Spring Security (habilitado por defecto para todas las URL) no est\u00e1n afectadas por la vulnerabilidad, ya que rechazan unas peticiones que permiten la omisi\u00f3n"}], "id": "CVE-2021-22113", "lastModified": "2021-03-02T15:44:14.237", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 4.3, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0"}, "exploitabilityScore": 8.6, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 1.4, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2021-02-23T17:15:13.833", "references": [{"source": "security@vmware.com", "tags": ["Vendor Advisory"], "url": "https://tanzu.vmware.com/security/cve-2021-22113"}], "sourceIdentifier": "security@vmware.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-863"}], "source": "nvd@nist.gov", "type": "Primary"}]}