cnvd - cnvd-2022-05527

cnvd-2022-05527

Vulnerability from cnvd

Title: Apache Traffic Control输入验证错误漏洞

Description:

Apache Traffic Control是美国阿帕奇（Apache）基金会的一套分布式、可扩展的内容分发解决方案。该产品主要用于构建大规模内容分发网络。

Apache Traffic Control Traffic Ops存在输入验证错误漏洞，该漏洞源于具有门户级别权限的经过身份验证的 Apache Traffic Control Traffic Ops用户可以发送带有特制电子邮件的请求，该电子邮件受 /deliveryservices/request Traffic Ops 端点的约束，以从 Traffic Ops服务器发送带有任意正文的电子邮件到任意电子邮件地址。目前没有详细的漏洞细节提供。

Severity: 中

Patch Name: Apache Traffic Control输入验证错误漏洞的补丁

Patch Description:

Apache Traffic Control是美国阿帕奇（Apache）基金会的一套分布式、可扩展的内容分发解决方案。该产品主要用于构建大规模内容分发网络。

Formal description:

厂商已发布了漏洞修复程序，请及时关注更新： https://lists.apache.org/thread.html/re384fd0f44c6d230f31376153c6e8b59e4a669f927c1533d06d702af%40%3Cdev.trafficcontrol.apache.org%3E

Reference: https://nvd.nist.gov/vuln/detail/CVE-2021-42009

Impacted products

Name
Apache Traffic Control >=4.1.0，<5.1.3

Show details on source website

JSON

To clipboard

{
  "cves": {
    "cve": {
      "cveNumber": "CVE-2021-42009",
      "cveUrl": "https://nvd.nist.gov/vuln/detail/CVE-2021-42009"
    }
  },
  "description": "Apache Traffic Control\u662f\u7f8e\u56fd\u963f\u5e15\u5947\uff08Apache\uff09\u57fa\u91d1\u4f1a\u7684\u4e00\u5957\u5206\u5e03\u5f0f\u3001\u53ef\u6269\u5c55\u7684\u5185\u5bb9\u5206\u53d1\u89e3\u51b3\u65b9\u6848\u3002\u8be5\u4ea7\u54c1\u4e3b\u8981\u7528\u4e8e\u6784\u5efa\u5927\u89c4\u6a21\u5185\u5bb9\u5206\u53d1\u7f51\u7edc\u3002\n\nApache Traffic Control Traffic Ops\u5b58\u5728\u8f93\u5165\u9a8c\u8bc1\u9519\u8bef\u6f0f\u6d1e\uff0c\u8be5\u6f0f\u6d1e\u6e90\u4e8e\u5177\u6709\u95e8\u6237\u7ea7\u522b\u6743\u9650\u7684\u7ecf\u8fc7\u8eab\u4efd\u9a8c\u8bc1\u7684 Apache Traffic Control Traffic Ops\u7528\u6237\u53ef\u4ee5\u53d1\u9001\u5e26\u6709\u7279\u5236\u7535\u5b50\u90ae\u4ef6\u7684\u8bf7\u6c42\uff0c\u8be5\u7535\u5b50\u90ae\u4ef6\u53d7 /deliveryservices/request Traffic Ops \u7aef\u70b9\u7684\u7ea6\u675f\uff0c\u4ee5\u4ece Traffic Ops\u670d\u52a1\u5668\u53d1\u9001\u5e26\u6709\u4efb\u610f\u6b63\u6587\u7684\u7535\u5b50\u90ae\u4ef6\u5230\u4efb\u610f\u7535\u5b50\u90ae\u4ef6\u5730\u5740\u3002\u76ee\u524d\u6ca1\u6709\u8be6\u7ec6\u7684\u6f0f\u6d1e\u7ec6\u8282\u63d0\u4f9b\u3002",
  "formalWay": "\u5382\u5546\u5df2\u53d1\u5e03\u4e86\u6f0f\u6d1e\u4fee\u590d\u7a0b\u5e8f\uff0c\u8bf7\u53ca\u65f6\u5173\u6ce8\u66f4\u65b0\uff1a\r\nhttps://lists.apache.org/thread.html/re384fd0f44c6d230f31376153c6e8b59e4a669f927c1533d06d702af%40%3Cdev.trafficcontrol.apache.org%3E",
  "isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
  "number": "CNVD-2022-05527",
  "openTime": "2022-01-20",
  "patchDescription": "Apache Traffic Control\u662f\u7f8e\u56fd\u963f\u5e15\u5947\uff08Apache\uff09\u57fa\u91d1\u4f1a\u7684\u4e00\u5957\u5206\u5e03\u5f0f\u3001\u53ef\u6269\u5c55\u7684\u5185\u5bb9\u5206\u53d1\u89e3\u51b3\u65b9\u6848\u3002\u8be5\u4ea7\u54c1\u4e3b\u8981\u7528\u4e8e\u6784\u5efa\u5927\u89c4\u6a21\u5185\u5bb9\u5206\u53d1\u7f51\u7edc\u3002\r\n\r\nApache Traffic Control Traffic Ops\u5b58\u5728\u8f93\u5165\u9a8c\u8bc1\u9519\u8bef\u6f0f\u6d1e\uff0c\u8be5\u6f0f\u6d1e\u6e90\u4e8e\u5177\u6709\u95e8\u6237\u7ea7\u522b\u6743\u9650\u7684\u7ecf\u8fc7\u8eab\u4efd\u9a8c\u8bc1\u7684 Apache Traffic Control Traffic Ops\u7528\u6237\u53ef\u4ee5\u53d1\u9001\u5e26\u6709\u7279\u5236\u7535\u5b50\u90ae\u4ef6\u7684\u8bf7\u6c42\uff0c\u8be5\u7535\u5b50\u90ae\u4ef6\u53d7 /deliveryservices/request Traffic Ops \u7aef\u70b9\u7684\u7ea6\u675f\uff0c\u4ee5\u4ece Traffic Ops\u670d\u52a1\u5668\u53d1\u9001\u5e26\u6709\u4efb\u610f\u6b63\u6587\u7684\u7535\u5b50\u90ae\u4ef6\u5230\u4efb\u610f\u7535\u5b50\u90ae\u4ef6\u5730\u5740\u3002\u76ee\u524d\u6ca1\u6709\u8be6\u7ec6\u7684\u6f0f\u6d1e\u7ec6\u8282\u63d0\u4f9b\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
  "patchName": "Apache Traffic Control\u8f93\u5165\u9a8c\u8bc1\u9519\u8bef\u6f0f\u6d1e\u7684\u8865\u4e01",
  "products": {
    "product": "Apache Traffic Control \u003e=4.1.0\uff0c\u003c5.1.3"
  },
  "referenceLink": "https://nvd.nist.gov/vuln/detail/CVE-2021-42009",
  "serverity": "\u4e2d",
  "submitTime": "2021-10-15",
  "title": "Apache Traffic Control\u8f93\u5165\u9a8c\u8bc1\u9519\u8bef\u6f0f\u6d1e"
}

CVE-2021-42009 (GCVE-0-2021-42009)

Vulnerability from cvelistv5

Published

2021-10-12 07:40

Modified

2024-08-04 03:22

Severity ?

CWE

CWE-20 - Improper Input Validation
Email Injection Vulnerability

Summary

An authenticated Apache Traffic Control Traffic Ops user with Portal-level privileges can send a request with a specially-crafted email subject to the /deliveryservices/request Traffic Ops endpoint to send an email, from the Traffic Ops server, with an arbitrary body to an arbitrary email address. Apache Traffic Control 5.1.x users should upgrade to 5.1.3 or 6.0.0. 4.1.x users should upgrade to 5.1.3.

References

▼	URL	Tags
	https://lists.apache.org/thread.html/re384fd0f44c6d230f31376153c6e8b59e4a669f927c1533d06d702af%40%3Cdev.trafficcontrol.apache.org%3E	x_refsource_MISC
	https://lists.apache.org/thread.html/rf0481b9e38ece1ece458d3ce7b2d671df819e3555597f31fc34f084e%40%3Ccommits.trafficcontrol.apache.org%3E	x_refsource_MISC
	http://www.openwall.com/lists/oss-security/2021/10/12/1	mailing-list, x_refsource_MLIST
	https://lists.apache.org/thread.html/r78d471d8a4fd268a4c5ae6c47327c09d9d4b4467c31da2c97422febb%40%3Cdev.trafficcontrol.apache.org%3E	mailing-list, x_refsource_MLIST
	https://lists.apache.org/thread.html/r7dfa9a89b39d06caeeeb7b5cdc41b3493a9b86cc6cfa059d3f349d87%40%3Cannounce.apache.org%3E	mailing-list, x_refsource_MLIST

Impacted products

	Vendor	Product	Version
	Apache Software Foundation	Apache Traffic Control	Version: 4.0.0 < Apache Traffic Control*

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T03:22:25.843Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://lists.apache.org/thread.html/re384fd0f44c6d230f31376153c6e8b59e4a669f927c1533d06d702af%40%3Cdev.trafficcontrol.apache.org%3E"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://lists.apache.org/thread.html/rf0481b9e38ece1ece458d3ce7b2d671df819e3555597f31fc34f084e%40%3Ccommits.trafficcontrol.apache.org%3E"
          },
          {
            "name": "[oss-security] 20211012 CVE-2021-42009: Apache Traffic Control Arbitrary Email Content Insertion in /deliveryservices/request",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2021/10/12/1"
          },
          {
            "name": "[trafficcontrol-dev] 20211013 Re: CVE-2021-42009: Apache Traffic Control Arbitrary Email Content Insertion in /deliveryservices/request",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lists.apache.org/thread.html/r78d471d8a4fd268a4c5ae6c47327c09d9d4b4467c31da2c97422febb%40%3Cdev.trafficcontrol.apache.org%3E"
          },
          {
            "name": "[announce] 20211013 Re: CVE-2021-42009: Apache Traffic Control Arbitrary Email Content Insertion in /deliveryservices/request",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lists.apache.org/thread.html/r7dfa9a89b39d06caeeeb7b5cdc41b3493a9b86cc6cfa059d3f349d87%40%3Cannounce.apache.org%3E"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Apache Traffic Control",
          "vendor": "Apache Software Foundation",
          "versions": [
            {
              "changes": [
                {
                  "at": "5.0.0",
                  "status": "affected"
                }
              ],
              "lessThan": "Apache Traffic Control*",
              "status": "affected",
              "version": "4.0.0",
              "versionType": "custom"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "value": "This issue was discovered by GitHub\u0027s CodeQL code scanning service."
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "An authenticated Apache Traffic Control Traffic Ops user with Portal-level privileges can send a request with a specially-crafted email subject to the /deliveryservices/request Traffic Ops endpoint to send an email, from the Traffic Ops server, with an arbitrary body to an arbitrary email address. Apache Traffic Control 5.1.x users should upgrade to 5.1.3 or 6.0.0. 4.1.x users should upgrade to 5.1.3."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-20",
              "description": "CWE-20 Improper Input Validation",
              "lang": "en",
              "type": "CWE"
            }
          ]
        },
        {
          "descriptions": [
            {
              "description": "Email Injection Vulnerability",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2021-10-13T23:06:11",
        "orgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
        "shortName": "apache"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://lists.apache.org/thread.html/re384fd0f44c6d230f31376153c6e8b59e4a669f927c1533d06d702af%40%3Cdev.trafficcontrol.apache.org%3E"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://lists.apache.org/thread.html/rf0481b9e38ece1ece458d3ce7b2d671df819e3555597f31fc34f084e%40%3Ccommits.trafficcontrol.apache.org%3E"
        },
        {
          "name": "[oss-security] 20211012 CVE-2021-42009: Apache Traffic Control Arbitrary Email Content Insertion in /deliveryservices/request",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2021/10/12/1"
        },
        {
          "name": "[trafficcontrol-dev] 20211013 Re: CVE-2021-42009: Apache Traffic Control Arbitrary Email Content Insertion in /deliveryservices/request",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lists.apache.org/thread.html/r78d471d8a4fd268a4c5ae6c47327c09d9d4b4467c31da2c97422febb%40%3Cdev.trafficcontrol.apache.org%3E"
        },
        {
          "name": "[announce] 20211013 Re: CVE-2021-42009: Apache Traffic Control Arbitrary Email Content Insertion in /deliveryservices/request",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lists.apache.org/thread.html/r7dfa9a89b39d06caeeeb7b5cdc41b3493a9b86cc6cfa059d3f349d87%40%3Cannounce.apache.org%3E"
        }
      ],
      "source": {
        "discovery": "UNKNOWN"
      },
      "title": "Apache Traffic Control Traffic Ops Email Injection Vulnerability",
      "workarounds": [
        {
          "lang": "en",
          "value": "5.1.x users should upgrade to 5.1.3 or 6.0.0.\n4.1.x users should upgrade to 5.1.3."
        }
      ],
      "x_generator": {
        "engine": "Vulnogram 0.0.9"
      },
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "security@apache.org",
          "ID": "CVE-2021-42009",
          "STATE": "PUBLIC",
          "TITLE": "Apache Traffic Control Traffic Ops Email Injection Vulnerability"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Apache Traffic Control",
                      "version": {
                        "version_data": [
                          {
                            "version_affected": "\u003e=",
                            "version_name": "Apache Traffic Control",
                            "version_value": "4.0.0"
                          },
                          {
                            "version_affected": "\u003e=",
                            "version_name": "Apache Traffic Control",
                            "version_value": "5.0.0"
                          },
                          {
                            "version_affected": "\u003c=",
                            "version_name": "Apache Traffic Control",
                            "version_value": "5.1.2 +1"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Apache Software Foundation"
              }
            ]
          }
        },
        "credit": [
          {
            "lang": "eng",
            "value": "This issue was discovered by GitHub\u0027s CodeQL code scanning service."
          }
        ],
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "An authenticated Apache Traffic Control Traffic Ops user with Portal-level privileges can send a request with a specially-crafted email subject to the /deliveryservices/request Traffic Ops endpoint to send an email, from the Traffic Ops server, with an arbitrary body to an arbitrary email address. Apache Traffic Control 5.1.x users should upgrade to 5.1.3 or 6.0.0. 4.1.x users should upgrade to 5.1.3."
            }
          ]
        },
        "generator": {
          "engine": "Vulnogram 0.0.9"
        },
        "impact": [
          {}
        ],
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-20 Improper Input Validation"
                }
              ]
            },
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "Email Injection Vulnerability"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://lists.apache.org/thread.html/re384fd0f44c6d230f31376153c6e8b59e4a669f927c1533d06d702af%40%3Cdev.trafficcontrol.apache.org%3E",
              "refsource": "MISC",
              "url": "https://lists.apache.org/thread.html/re384fd0f44c6d230f31376153c6e8b59e4a669f927c1533d06d702af%40%3Cdev.trafficcontrol.apache.org%3E"
            },
            {
              "name": "https://lists.apache.org/thread.html/rf0481b9e38ece1ece458d3ce7b2d671df819e3555597f31fc34f084e%40%3Ccommits.trafficcontrol.apache.org%3E",
              "refsource": "MISC",
              "url": "https://lists.apache.org/thread.html/rf0481b9e38ece1ece458d3ce7b2d671df819e3555597f31fc34f084e%40%3Ccommits.trafficcontrol.apache.org%3E"
            },
            {
              "name": "[oss-security] 20211012 CVE-2021-42009: Apache Traffic Control Arbitrary Email Content Insertion in /deliveryservices/request",
              "refsource": "MLIST",
              "url": "http://www.openwall.com/lists/oss-security/2021/10/12/1"
            },
            {
              "name": "[trafficcontrol-dev] 20211013 Re: CVE-2021-42009: Apache Traffic Control Arbitrary Email Content Insertion in /deliveryservices/request",
              "refsource": "MLIST",
              "url": "https://lists.apache.org/thread.html/r78d471d8a4fd268a4c5ae6c47327c09d9d4b4467c31da2c97422febb@%3Cdev.trafficcontrol.apache.org%3E"
            },
            {
              "name": "[announce] 20211013 Re: CVE-2021-42009: Apache Traffic Control Arbitrary Email Content Insertion in /deliveryservices/request",
              "refsource": "MLIST",
              "url": "https://lists.apache.org/thread.html/r7dfa9a89b39d06caeeeb7b5cdc41b3493a9b86cc6cfa059d3f349d87@%3Cannounce.apache.org%3E"
            }
          ]
        },
        "source": {
          "discovery": "UNKNOWN"
        },
        "work_around": [
          {
            "lang": "en",
            "value": "5.1.x users should upgrade to 5.1.3 or 6.0.0.\n4.1.x users should upgrade to 5.1.3."
          }
        ]
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
    "assignerShortName": "apache",
    "cveId": "CVE-2021-42009",
    "datePublished": "2021-10-12T07:40:11",
    "dateReserved": "2021-10-05T00:00:00",
    "dateUpdated": "2024-08-04T03:22:25.843Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
Confirmed: The vulnerability is confirmed from an analyst perspective.
Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
Patched: This vulnerability was successfully patched by the user reporting the sighting.
Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
Not confirmed: The user expresses doubt about the veracity of the vulnerability.
Not patched: This vulnerability was not successfully patched by the user reporting the sighting.

Action not permitted