Details of VAR-202204-1318

ID

VAR-202204-1318

CVE

CVE-2022-29266

TITLE

Apache Software Foundation of APISIX Vulnerability regarding information leakage due to error messages in

Trust: 0.8

sources: JVNDB: JVNDB-2022-008621

DESCRIPTION

In APache APISIX before 3.13.1, the jwt-auth plugin has a security issue that leaks the user's secret key because the error message returned from the dependency lua-resty-jwt contains sensitive information. Apache Apisix is a cloud-native microservice API gateway service of the Apache Foundation. The software is implemented based on OpenResty and etcd, with dynamic routing and plug-in hot loading, suitable for API management under the microservice system. An attacker could exploit this vulnerability to obtain the secret configured by the plugin by sending an incorrect JSON Web Token to a route protected by the jwt-auth plugin and responding with an error message

Trust: 2.25

sources: NVD: CVE-2022-29266 // JVNDB: JVNDB-2022-008621 // CNVD: CNVD-2022-38523 // VULMON: CVE-2022-29266

IOT TAXONOMY

category:

['Network device']

sub_category:

Trust: 0.6

sources: CNVD: CNVD-2022-38523

AFFECTED PRODUCTS

vendor:	apache	model:	apisix	scope:	lt	version:	2.13.1	Trust: 1.6
vendor:	apache	model:	apisix	scope:	eq	version:	2.13.1	Trust: 0.8
vendor:	apache	model:	apisix	scope:	eq	version:	-	Trust: 0.8
vendor:	apache	model:	apisix	scope:	-	version:	-	Trust: 0.8

sources: CNVD: CNVD-2022-38523 // JVNDB: JVNDB-2022-008621 // NVD: CVE-2022-29266

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2022-29266
value:	HIGH
Trust: 1.0
NVD:	CVE-2022-29266
value:	HIGH
Trust: 0.8
CNVD:	CNVD-2022-38523
value:	MEDIUM
Trust: 0.6
CNNVD:	CNNVD-202204-3886
value:	HIGH
Trust: 0.6
VULMON:	CVE-2022-29266
value:	MEDIUM
Trust: 0.1

nvd@nist.gov:	CVE-2022-29266
severity:	MEDIUM
baseScore:	5.0
vectorString:	AV:N/AC:L/AU:N/C:P/I:N/A:N
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	NONE
availabilityImpact:	NONE
exploitabilityScore:	10.0
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.9
CNVD:	CNVD-2022-38523
severity:	MEDIUM
baseScore:	5.0
vectorString:	AV:N/AC:L/AU:N/C:P/I:N/A:N
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	NONE
availabilityImpact:	NONE
exploitabilityScore:	10.0
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.6

nvd@nist.gov:	CVE-2022-29266
baseSeverity:	HIGH
baseScore:	7.5
vectorString:	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	NONE
availabilityImpact:	NONE
exploitabilityScore:	3.9
impactScore:	3.6
version:	3.1
Trust: 1.0
NVD:	CVE-2022-29266
baseSeverity:	HIGH
baseScore:	7.5
vectorString:	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	NONE
availabilityImpact:	NONE
exploitabilityScore:	NONE
impactScore:	NONE
version:	3.0
Trust: 0.8

sources: CNVD: CNVD-2022-38523 // VULMON: CVE-2022-29266 // JVNDB: JVNDB-2022-008621 // CNNVD: CNNVD-202204-3886 // NVD: CVE-2022-29266

PROBLEMTYPE DATA

problemtype:	CWE-209	Trust: 1.0
problemtype:	Information leakage due to error message (CWE-209) [NVD evaluation ]	Trust: 0.8

sources: JVNDB: JVNDB-2022-008621 // NVD: CVE-2022-29266

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-202204-3886

TYPE

other

Trust: 0.6

sources: CNNVD: CNNVD-202204-3886

PATCH

title:	Patch for Apache Apisix Information Disclosure Vulnerability	url:	https://www.cnvd.org.cn/patchInfo/show/333271	Trust: 0.6
title:	Apache Apisix Security vulnerabilities	url:	http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=190171	Trust: 0.6

sources: CNVD: CNVD-2022-38523 // CNNVD: CNNVD-202204-3886

EXTERNAL IDS

db:	NVD	id:	CVE-2022-29266	Trust: 3.9
db:	OPENWALL	id:	OSS-SECURITY/2022/04/20/1	Trust: 2.5
db:	JVNDB	id:	JVNDB-2022-008621	Trust: 0.8
db:	CNVD	id:	CNVD-2022-38523	Trust: 0.6
db:	CS-HELP	id:	SB2022042003	Trust: 0.6
db:	CNNVD	id:	CNNVD-202204-3886	Trust: 0.6
db:	VULMON	id:	CVE-2022-29266	Trust: 0.1

sources: CNVD: CNVD-2022-38523 // VULMON: CVE-2022-29266 // JVNDB: JVNDB-2022-008621 // CNNVD: CNNVD-202204-3886 // NVD: CVE-2022-29266

REFERENCES

url:	https://lists.apache.org/thread/6qpfyxogbvn18g9xr8g218jjfjbfsbhr	Trust: 2.5
url:	http://www.openwall.com/lists/oss-security/2022/04/20/1	Trust: 2.5
url:	https://nvd.nist.gov/vuln/detail/cve-2022-29266	Trust: 1.4
url:	https://cxsecurity.com/cveshow/cve-2022-29266/	Trust: 0.6
url:	https://www.cybersecurity-help.cz/vdb/sb2022042003	Trust: 0.6
url:	https://cwe.mitre.org/data/definitions/209.html	Trust: 0.1
url:	https://nvd.nist.gov	Trust: 0.1

sources: CNVD: CNVD-2022-38523 // VULMON: CVE-2022-29266 // JVNDB: JVNDB-2022-008621 // CNNVD: CNNVD-202204-3886 // NVD: CVE-2022-29266

SOURCES

db:	CNVD	id:	CNVD-2022-38523
db:	VULMON	id:	CVE-2022-29266
db:	JVNDB	id:	JVNDB-2022-008621
db:	CNNVD	id:	CNNVD-202204-3886
db:	NVD	id:	CVE-2022-29266

LAST UPDATE DATE

2024-11-23T22:40:29.810000+00:00

SOURCES UPDATE DATE

db:	CNVD	id:	CNVD-2022-38523	date:	2022-05-19T00:00:00
db:	VULMON	id:	CVE-2022-29266	date:	2022-04-29T00:00:00
db:	JVNDB	id:	JVNDB-2022-008621	date:	2023-07-28T08:04:00
db:	CNNVD	id:	CNNVD-202204-3886	date:	2022-05-05T00:00:00
db:	NVD	id:	CVE-2022-29266	date:	2024-11-21T06:58:50.163

SOURCES RELEASE DATE

db:	CNVD	id:	CNVD-2022-38523	date:	2022-05-19T00:00:00
db:	VULMON	id:	CVE-2022-29266	date:	2022-04-20T00:00:00
db:	JVNDB	id:	JVNDB-2022-008621	date:	2023-07-28T00:00:00
db:	CNNVD	id:	CNNVD-202204-3886	date:	2022-04-20T00:00:00
db:	NVD	id:	CVE-2022-29266	date:	2022-04-20T08:15:07.740