CVE-2021-29441

Published: Apr 27, 2021

Modified: Aug 3, 2024

PUBLISHED

CVSS v3.1

8.6

HIGH

Description

Nacos is a platform designed for dynamic service discovery and configuration and service management. In Nacos before version 1.4.1, when configured to use authentication (-Dnacos.core.auth.enabled=true) Nacos uses the AuthFilter servlet filter to enforce authentication. This filter has a backdoor that enables Nacos servers to bypass this filter and therefore skip authentication checks. This mechanism relies on the user-agent HTTP header so it can be easily spoofed. This issue may allow any user to carry out any administrative tasks on the Nacos server.

Vendor	Product	Versions
alibaba	nacos	affected `< 1.4.1`

Weaknesses (CWE)

CWE-290

CVSS v3.1 Details

CVSS v3.1 Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N

Attack Vector

Network

Attack Complexity

Low

Privileges Required

None

User Interaction

None

Scope

Changed

Confidentiality

High

Integrity

None

Availability

None

References

https://github.com/alibaba/nacos/issues/4701

x_refsource_MISC

https://github.com/advisories/GHSA-36hp-jr8h-556f

x_refsource_CONFIRM

https://github.com/alibaba/nacos/pull/4703

x_refsource_MISC

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2021-29441

Description

Affected Products

Weaknesses (CWE)

CVSS v3.1 Details

References