当前位置:网站首页>Apache APIs IX has the risk of rewriting the x-real-ip header (cve-2022-24112)

Apache APIs IX has the risk of rewriting the x-real-ip header (cve-2022-24112)

2022-06-26 16:45:00 Apacheapisik China Community

Problem description

stay Apache APISIX 2.12.1 In the previous version ( It doesn't contain 2.12.1 and 2.10.4), Enable Apache APISIX batch-requests  After the plug-in , There will be rewriting X-REAL-IP header risk .

This risk leads to two problems :

  • Through  batch-requests  Plug ins bypass Apache APISIX Data plane IP Limit . For example, bypass IP Black and white list restrictions .
  • If the user uses Apache APISIX The default configuration ( Enable Admin API , Use the default Admin Key And no additional management ports are assigned ), Attackers can get through  batch-requests  Plug in call Admin API .

Affects version

  • Apache APISIX 1.3 ~ 2.12.1 Between all versions ( It doesn't contain 2.12.1 )
  • Apache APISIX 2.10.0 ~ 2.10.4 LTS Between all versions ( It doesn't contain 2.10.4)

Solution

  • The problem has been solved in 2.12.1 and 2.10.4 Resolved in version , Please update to the relevant version as soon as possible .
  • In the affected Apache APISIX In the version , It can be done to  conf/config.yaml  and  conf/config-default.yaml  File explicitly commented out  batch-requests, And restart Apache APISIX This risk can be avoided .

Vulnerability Details

Vulnerability priority : high

Vulnerability disclosure time :2022 year 2 month 11 Japan

CVE Details :https://nvd.nist.gov/vuln/detail/CVE-2022-24112

Contributor profile

The vulnerability was discovered by Changting technology in Real World CTF Found in , And by the Sauercloud Report to Apache Software foundation . Thank you for Apache APISIX Community contribution .

原网站

版权声明
本文为[Apacheapisik China Community]所创,转载请带上原文链接,感谢
https://yzsam.com/2022/02/202202170506437894.html

边栏推荐

猜你喜欢

随机推荐