The Alertmanager in CNCF Cortex before 1.8.1 has a local file disclosure vulnerability when -experimental.alertmanager.enable-api is used. The HTTP basic auth password_file can be used as an attack vector to send any file content via a webhook. The alertmanager templates can be used as an attack vector to send any file content because the alertmanager can load any text file specified in the templates list.
References
Link | Resource |
---|---|
https://community.grafana.com/c/security-announcements | Third Party Advisory |
https://github.com/cortexproject/cortex | Third Party Advisory |
https://github.com/cortexproject/cortex/pull/4129/files | Patch Third Party Advisory |
https://lists.cncf.io/g/cortex-users/message/50 | Release Notes Vendor Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: mitre
Published: 2021-04-30T12:46:32
Updated: 2021-04-30T13:20:30
Reserved: 2021-04-15T00:00:00
Link: CVE-2021-31232
JSON object: View
NVD Information
Status : Analyzed
Published: 2021-04-30T13:15:07.577
Modified: 2023-08-08T14:22:24.967
Link: CVE-2021-31232
JSON object: View
Redhat Information
No data.
CWE