An issue was discovered in Grafana Cortex through 1.9.0. The header value X-Scope-OrgID is used to construct file paths for rules files, and if crafted to conduct directory traversal such as ae ../../sensitive/path/in/deployment pathname, then Cortex will attempt to parse a rules file at that location and include some of the contents in the error message. (Other Cortex API requests can also be sent a malicious OrgID header, e.g., tricking the ingester into writing metrics to a different location, but the effect is nuisance rather than information disclosure.)
References
Link | Resource |
---|---|
https://github.com/cortexproject/cortex/pull/4375 | Patch Third Party Advisory |
https://grafana.com/docs/grafana/latest/release-notes/ | Release Notes Vendor Advisory |
Configurations
History
11 Aug 2021, 17:23
Type | Values Removed | Values Added |
---|---|---|
References | (MISC) https://github.com/cortexproject/cortex/pull/4375 - Patch, Third Party Advisory | |
References | (MISC) https://grafana.com/docs/grafana/latest/release-notes/ - Release Notes, Vendor Advisory | |
CWE | CWE-22 | |
CVSS |
v2 : v3 : |
v2 : 5.0
v3 : 5.3 |
CPE | cpe:2.3:a:linuxfoundation:cortex:*:*:*:*:*:*:*:* |
03 Aug 2021, 15:33
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2021-08-03 15:15
Updated : 2023-12-10 13:55
NVD link : CVE-2021-36157
Mitre link : CVE-2021-36157
CVE.ORG link : CVE-2021-36157
JSON object : View
Products Affected
linuxfoundation
- cortex
CWE
CWE-22
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')