CVE-2021-27099Incorrect Authorization in Spire

CWE-863Incorrect Authorization2 documents2 sources
Severity
6.8MEDIUMNVD
EPSS
0.2%
top 56.28%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Cncf Spire
Timeline
PublishedMar 5

Description

In SPIRE before versions 0.8.5, 0.9.4, 0.10.2, 0.11.3 and 0.12.1, the "aws_iid" Node Attestor improperly normalizes the path provided through the agent ID templating feature, which may allow the issuance of an arbitrary SPIFFE ID within the same trust domain, if the attacker controls the value of an EC2 tag prior to attestation, and the attestor is configured for agent ID templating where the tag value is the last element in the path. This issue has been fixed in SPIRE versions 0.11.3 and 0.12.1

CVSS vector

CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:NExploitability: 1.6 | Impact: 5.2

Affected Packages1 packages

NVDcncf/spire0.9.00.9.4+4

Patches

Patch: github.comPatch: github.com

🔴Vulnerability Details

1
CVEList
CVE-2021-27099: In SPIRE before versions 02021-03-05
CVE-2021-27099 — Incorrect Authorization in Cncf Spire | cvebase