CVE-2021-22113 - Vulnerability Details - OpenCVE

Applications using the “Sensitive Headers” functionality in Spring Cloud Netflix Zuul 2.2.6.RELEASE and below may be vulnerable to bypassing the “Sensitive Headers” restriction when executing requests with specially constructed URLs. Applications that use Spring Security's StrictHttpFirewall (enabled by default for all URLs) are not affected by the vulnerability, as they reject requests that allow bypassing.

No CVSS v4.0

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact None

Integrity Impact Low

Availability Impact None

User Interaction None

No CVSS v3.0

Access Vector Network

Access Complexity Medium

Authentication None

Confidentiality Impact None

Integrity Impact Partial

Availability Impact None

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Vmware	Spring Cloud Netflix Zuul

Configuration 1 [-]

cpe:2.3:a:vmware:spring_cloud_netflix_zuul:*:*:*:*:*:*:*:*

No data.

References

Link	Providers
https://tanzu.vmware.com/security/cve-2021-22113

History

No history.

MITRE

Status: PUBLISHED

Assigner: vmware

Published: 2021-02-23T16:04:45

Updated: 2024-08-03T18:30:23.940Z

Reserved: 2021-01-04T00:00:00

Link: CVE-2021-22113

Vulnrichment

No data.

NVD

Status : Modified

Published: 2021-02-23T17:15:13.833

Modified: 2024-11-21T05:49:32.023

Link: CVE-2021-22113

Redhat

No data.

{"containers": {"cna": {"affected": [{"product": "Spring Cloud Netflix Zuul", "vendor": "n/a", "versions": [{"status": "affected", "version": "2.2.6 and below"}]}], "descriptions": [{"lang": "en", "value": "Applications using the \u201cSensitive Headers\u201d functionality in Spring Cloud Netflix Zuul 2.2.6.RELEASE and below may be vulnerable to bypassing the \u201cSensitive Headers\u201d restriction when executing requests with specially constructed URLs. Applications that use Spring Security's StrictHttpFirewall (enabled by default for all URLs) are not affected by the vulnerability, as they reject requests that allow bypassing."}], "problemTypes": [{"descriptions": [{"description": "Sensitive Headers restriction bypass", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2021-02-23T16:04:45", "orgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d", "shortName": "vmware"}, "references": [{"tags": ["x_refsource_CONFIRM"], "url": "https://tanzu.vmware.com/security/cve-2021-22113"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "security@vmware.com", "ID": "CVE-2021-22113", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "Spring Cloud Netflix Zuul", "version": {"version_data": [{"version_value": "2.2.6 and below"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Applications using the \u201cSensitive Headers\u201d functionality in Spring Cloud Netflix Zuul 2.2.6.RELEASE and below may be vulnerable to bypassing the \u201cSensitive Headers\u201d restriction when executing requests with specially constructed URLs. Applications that use Spring Security's StrictHttpFirewall (enabled by default for all URLs) are not affected by the vulnerability, as they reject requests that allow bypassing."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "Sensitive Headers restriction bypass"}]}]}, "references": {"reference_data": [{"name": "https://tanzu.vmware.com/security/cve-2021-22113", "refsource": "CONFIRM", "url": "https://tanzu.vmware.com/security/cve-2021-22113"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-03T18:30:23.940Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://tanzu.vmware.com/security/cve-2021-22113"}]}]}, "cveMetadata": {"assignerOrgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d", "assignerShortName": "vmware", "cveId": "CVE-2021-22113", "datePublished": "2021-02-23T16:04:45", "dateReserved": "2021-01-04T00:00:00", "dateUpdated": "2024-08-03T18:30:23.940Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:vmware:spring_cloud_netflix_zuul:*:*:*:*:*:*:*:*", "matchCriteriaId": "F2CDA0AD-BEFC-446E-A2E1-918A75AA47E2", "versionEndIncluding": "2.2.6", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "Applications using the \u201cSensitive Headers\u201d functionality in Spring Cloud Netflix Zuul 2.2.6.RELEASE and below may be vulnerable to bypassing the \u201cSensitive Headers\u201d restriction when executing requests with specially constructed URLs. Applications that use Spring Security's StrictHttpFirewall (enabled by default for all URLs) are not affected by the vulnerability, as they reject requests that allow bypassing."}, {"lang": "es", "value": "Unas aplicaciones que usan la funcionalidad de \"Sensitive Headers\" en Spring Cloud Netflix Zuul versiones 2.2.6.RELEASE y anteriores, pueden ser vulnerables al omitir la restricci\u00f3n \"Sensitive Headers\" cuando se ejecutan peticiones con URL especialmente construidas. Unas aplicaciones que usan StrictHttpFirewall de Spring Security (habilitado por defecto para todas las URL) no est\u00e1n afectadas por la vulnerabilidad, ya que rechazan unas peticiones que permiten la omisi\u00f3n"}], "id": "CVE-2021-22113", "lastModified": "2024-11-21T05:49:32.023", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 4.3, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0"}, "exploitabilityScore": 8.6, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 1.4, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2021-02-23T17:15:13.833", "references": [{"source": "security@vmware.com", "tags": ["Vendor Advisory"], "url": "https://tanzu.vmware.com/security/cve-2021-22113"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "https://tanzu.vmware.com/security/cve-2021-22113"}], "sourceIdentifier": "security@vmware.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-863"}], "source": "nvd@nist.gov", "type": "Primary"}]}