当前位置:网站首页>Apache APIs IX has the risk of rewriting the x-real-ip header (cve-2022-24112)
Apache APIs IX has the risk of rewriting the x-real-ip header (cve-2022-24112)
2022-07-06 14:18:00 【ApacheAPISIX】
Problem description
stay Apache APISIX 2.12.1 In the previous version ( It doesn't contain 2.12.1 and 2.10.4), Enable Apache APISIX batch-requests
After the plug-in , There will be rewriting X-REAL-IP header risk .
This risk leads to two problems :
- Through
batch-requests
Plug ins bypass Apache APISIX Data plane IP Limit . For example, bypass IP Black and white list restrictions . - If the user uses Apache APISIX The default configuration ( Enable Admin API , Use the default Admin Key And no additional management ports are assigned ), Attackers can get through
batch-requests
Plug in call Admin API .
Affects version
- Apache APISIX 1.3 ~ 2.12.1 Between all versions ( It doesn't contain 2.12.1 )
- Apache APISIX 2.10.0 ~ 2.10.4 LTS Between all versions ( It doesn't contain 2.10.4)
Solution
- The problem has been solved in 2.12.1 and 2.10.4 Resolved in version , Please update to the relevant version as soon as possible .
- In the affected Apache APISIX In the version , It can be done to
conf/config.yaml
andconf/config-default.yaml
File explicitly commented outbatch-requests
, And restart Apache APISIX This risk can be avoided .
Vulnerability Details
Vulnerability priority : high
Vulnerability disclosure time :2022 year 2 month 11 Japan
CVE Details :https://nvd.nist.gov/vuln/detail/CVE-2022-24112
Contributor profile
The vulnerability was discovered by Changting technology in Real World CTF Found in , And by the Sauercloud Report to Apache Software foundation . Thank you for Apache APISIX Community contribution .
边栏推荐
猜你喜欢
7-5 staircase upgrade (PTA program design)
HackMyvm靶机系列(2)-warrior
UGUI—Text
Mixlab unbounded community white paper officially released
Hackmyvm target series (6) -videoclub
Xray and Burp linked Mining
记一次edu,SQL注入实战
Canvas foundation 2 - arc - draw arc
Canvas foundation 1 - draw a straight line (easy to understand)
HackMyvm靶機系列(3)-visions
随机推荐
How to turn wechat applet into uniapp
Build domain environment (win)
JDBC事务、批处理以及连接池(超详细)
Feature extraction and detection 14 plane object recognition
内网渗透之内网信息收集(一)
Hackmyvm target series (3) -visions
内网渗透之内网信息收集(四)
Experiment 8 exception handling
循环队列(C语言)
. How to upload XMIND files to Jinshan document sharing online editing?
[experiment index of educator database]
Experiment 9 input and output stream (excerpt)
The most popular colloquial system explains the base of numbers
强化学习基础记录
Load balancing ribbon of microservices
内网渗透之内网信息收集(五)
Callback function ----------- callback
Record once, modify password logic vulnerability actual combat
Low income from doing we media? 90% of people make mistakes in these three points
7-9 make house number 3.0 (PTA program design)