CVE-2021-29442

Exploit

EPSS 94%
Published 27.04.2021 21:15:08
Last modified 21.11.2024 06:01:06
Source security-advisories@github.com
Teams watchlist Login
Open Login

Nacos is a platform designed for dynamic service discovery and configuration and service management. In Nacos before version 1.4.1, the ConfigOpsController lets the user perform management operations like querying the database or even wiping it out. While the /data/remove endpoint is properly protected with the @Secured annotation, the /derby endpoint is not protected and can be openly accessed by unauthenticated users. These endpoints are only valid when using embedded storage (derby DB) so this issue should not affect those installations using external storage (e.g. mysql)

Affected products Warnungen 0 Metrics 4 CWE 1 References 6

Data is provided by the National Vulnerability Database (NVD)

Alibaba ≫ Nacos Version < 1.4.1

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	94%	0.999

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
nvd@nist.gov	7.5	3.9	3.6	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
nvd@nist.gov	5	10	2.9	AV:N/AC:L/Au:N/C:P/I:N/A:N
security-advisories@github.com	8.6	3.9	4	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N

CWE-306 Missing Authentication for Critical Function

The product does not perform any authentication for functionality that requires a provable user identity or consumes a significant amount of resources.

https://github.com/advisories/GHSA-36hp-jr8h-556f

Third Party Advisory

Exploit

https://github.com/alibaba/nacos/issues/4463

Third Party Advisory

Exploit

https://github.com/alibaba/nacos/pull/4517

Patch

Third Party Advisory

https://nvd.nist.gov/vuln/detail/CVE-2021-29442

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2021-29442

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2021-29442

EUVD