CVE-2022-1561

Lura and KrakenD-CE versions older than v2.0.2 and KrakenD-EE versions older than v2.0.0 do not sanitize URL parameters correctly, allowing a malicious user to alter the backend URL defined for a pipe when remote users send crafty URL requests. The vulnerability does not affect KrakenD itself, but the consumed backend might be vulnerable.

CVSS v3 4.0 MEDIUM

4.0^/10

CVSS v3 : MEDIUM

Vector :

Exploitability : 2.2 / Impact : 1.4

Attack Vector NETWORK

Attack Complexity HIGH

Privileges Required NONE

User Interaction NONE

Confidentiality Impact LOW

Integrity Impact NONE

Availability Impact NONE

Scope CHANGED

References

Link	Resource
https://www.incibe-cert.es/en/early-warning/security-advisories/crafted-backend-urls-lura-project	Third Party Advisory
https://www.krakend.io/blog/cve-2022-1561-crafted-backend-urls/	Vendor Advisory
https://www.incibe-cert.es/en/early-warning/security-advisories/crafted-backend-urls-lura-project	Third Party Advisory
https://www.krakend.io/blog/cve-2022-1561-crafted-backend-urls/	Vendor Advisory

Configurations

Configuration 1 (hide)

OR	cpe:2.3:a:krakend:krakend:::::enterprise:::*
	cpe:2.3:a:krakend:krakend:::::community:::*
	cpe:2.3:a:luraproject:lura::::::::

History

21 Nov 2024, 06:40

Type	Values Removed	Values Added
References	~~() https://www.incibe-cert.es/en/early-warning/security-advisories/crafted-backend-urls-lura-project - Third Party Advisory~~	() https://www.incibe-cert.es/en/early-warning/security-advisories/crafted-backend-urls-lura-project - Third Party Advisory
References	~~() https://www.krakend.io/blog/cve-2022-1561-crafted-backend-urls/ - Vendor Advisory~~	() https://www.krakend.io/blog/cve-2022-1561-crafted-backend-urls/ - Vendor Advisory
CVSS	v2 : ~~unknown~~ v3 : ~~4.3~~	v2 : unknown v3 : 4.0

Information

Published : 2022-08-01 13:15

Updated : 2024-11-21 06:40

NVD link : CVE-2022-1561

Mitre link : CVE-2022-1561

CVE.ORG link : CVE-2022-1561

JSON object : View

Products Affected

krakend

krakend

luraproject

lura

CWE

CWE-471

Modification of Assumed-Immutable Data (MAID)

NVD-CWE-Other

{"id": "CVE-2022-1561", "metrics": {"cvssMetricV31": [{"type": "Secondary", "source": "cve-coordination@incibe.es", "cvssData": {"scope": "CHANGED", "version": "3.1", "baseScore": 4.0, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "HIGH", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "LOW"}, "impactScore": 1.4, "exploitabilityScore": 2.2}, {"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 4.3, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N", "integrityImpact": "LOW", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "LOW", "confidentialityImpact": "NONE"}, "impactScore": 1.4, "exploitabilityScore": 2.8}]}, "published": "2022-08-01T13:15:09.810", "references": [{"url": "https://www.incibe-cert.es/en/early-warning/security-advisories/crafted-backend-urls-lura-project", "tags": ["Third Party Advisory"], "source": "cve-coordination@incibe.es"}, {"url": "https://www.krakend.io/blog/cve-2022-1561-crafted-backend-urls/", "tags": ["Vendor Advisory"], "source": "cve-coordination@incibe.es"}, {"url": "https://www.incibe-cert.es/en/early-warning/security-advisories/crafted-backend-urls-lura-project", "tags": ["Third Party Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://www.krakend.io/blog/cve-2022-1561-crafted-backend-urls/", "tags": ["Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Secondary", "source": "cve-coordination@incibe.es", "description": [{"lang": "en", "value": "CWE-471"}]}, {"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "NVD-CWE-Other"}]}], "descriptions": [{"lang": "en", "value": "Lura and KrakenD-CE versions older than v2.0.2 and KrakenD-EE versions older than v2.0.0 do not sanitize URL parameters correctly, allowing a malicious user to alter the backend URL defined for a pipe when remote users send crafty URL requests. The vulnerability does not affect KrakenD itself, but the consumed backend might be vulnerable."}, {"lang": "es", "value": "Lura y KrakenD-CE versiones anteriores a v2.0.2 y KrakenD-EE versiones anteriores a v2.0.0, no sanean los par\u00e1metros de la URL, lo que permite a un usuario malicioso alterar la URL del backend definida para una tuber\u00eda cuando los usuarios remotos env\u00edan peticiones de URL astutas. La vulnerabilidad no afecta al propio KrakenD, pero el backend consumido podr\u00eda ser vulnerable"}], "lastModified": "2024-11-21T06:40:58.340", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:krakend:krakend:*:*:*:*:enterprise:*:*:*", "vulnerable": true, "matchCriteriaId": "3A6E0144-4F80-47D1-800E-809580D1C525", "versionEndExcluding": "2.0.0"}, {"criteria": "cpe:2.3:a:krakend:krakend:*:*:*:*:community:*:*:*", "vulnerable": true, "matchCriteriaId": "55A063F9-8673-4B66-900F-A3B19E06777A", "versionEndIncluding": "2.0.2"}, {"criteria": "cpe:2.3:a:luraproject:lura:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E961C753-02DB-473E-9D24-6B9B400B8AE9", "versionEndExcluding": "2.0.2"}], "operator": "OR"}]}], "sourceIdentifier": "cve-coordination@incibe.es"}