CVE-2021-27738

CWE-918 — Server-Side Request Forgery (SSRF)4 documents4 sources

Severity

7.5HIGH

EPSS

2.2%

top 15.64%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Apache Software Foundation Apache Kylin Apache Kylin

Timeline

PublishedJan 6

Latest updateJan 8

Description

All request mappings in `StreamingCoordinatorController.java` handling `/kylin/api/streaming_coordinator/*` REST API endpoints did not include any security checks, which allowed an unauthenticated user to issue arbitrary requests, such as assigning/unassigning of streaming cubes, creation/modification and deletion of replica sets, to the Kylin Coordinator. For endpoints accepting node details in HTTP message body, unauthenticated (but limited) server-side request forgery (SSRF) can be achieved. …

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:NExploitability: 3.9 | Impact: 3.6

Affected Packages3 packages

▶NVDapache/kylin3.0.0 — 3.1.2

▶Mavenorg.apache.kylin:kylin< 3.1.3

▶CVEListV5apache_software_foundation/apache_kylinApache Kylin 3 — 3.1.2

🔴Vulnerability Details

OSV

Server-Side Request Forgery in Apache Kylin↗2022-01-08

▶

GHSA

Server-Side Request Forgery in Apache Kylin↗2022-01-08

▶

CVEList

Improper Access Control to Streaming Coordinator & SSRF↗2022-01-06

▶