CVE-2021-25939

Exploit

EPSS 0.23%
Veröffentlicht 09.02.2022 13:15:08
Zuletzt bearbeitet 21.11.2024 05:55:38
Quelle vulnerabilitylab@mend.io
CVE-Watchlists
Login
Unerledigt
Login

In ArangoDB, versions v3.7.0 through v3.9.0-alpha.1 have a feature which allows downloading a Foxx service from a publicly available URL. This feature does not enforce proper filtering of requests performed internally, which can be abused by a highly-privileged attacker to perform blind SSRF and send internal requests to localhost.

Betroffene Produkte Warnungen 0 Metriken 4 CWE 1 Referenzen 6

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Arangodb ≫ Arangodb Version >= 3.7.0 <= 3.8.5.1

Arangodb ≫ Arangodb Version3.9.0 Updatealpha1

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.23%	0.461

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	2.7	1.2	1.4	CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:N
nvd@nist.gov	4	8	2.9	AV:N/AC:L/Au:S/C:N/I:P/A:N
vulnerabilitylab@mend.io	2.7	1.2	1.4	CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:N

CWE-918 Server-Side Request Forgery (SSRF)

The web server receives a URL or similar request from an upstream component and retrieves the contents of this URL, but it does not sufficiently ensure that the request is being sent to the expected destination.

https://github.com/arangodb/arangodb/commit/d7b35a6884c6b2802d34d79fb2a79fb2c9ec2175

Patch

Third Party Advisory

https://github.com/arangodb/arangodb/commit/d9b7f019d2435f107b19a59190bf9cc27d5f34dd

Patch

Third Party Advisory

https://www.whitesourcesoftware.com/vulnerability-database/CVE-2021-25939

Third Party Advisory

Exploit

https://nvd.nist.gov/vuln/detail/CVE-2021-25939

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2021-25939

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2021-25939

EUVD