#VU59998 Improper Authentication in ShenYu - CVE-2021-37580

Cybersecurity Help s.r.o.

Published: 2022-01-25 | Updated: 2022-06-21

Vulnerability identifier: #VU59998

Vulnerability risk: High

CVSSv4.0: 8.8 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N/E:P/U:Amber]

CVE-ID: CVE-2021-37580

CWE-ID: CWE-287

Exploitation vector: Network

Exploit availability: Yes

Vulnerable software:
ShenYu
Web applications / Other software

Vendor: Apache Foundation

Description

The vulnerability allows a remote attacker to bypass authentication process.

The vulnerability exists due to incorrect use of JWT in ShenyuAdminBootstrap in Apache ShenYu Admin. A remote attacker can bypass authentication process and gain unauthorized access to the application.

Mitigation
Install updates from vendor's website.

Vulnerable software versions

ShenYu: 2.3.0 - 2.4.0

External links
https://lists.apache.org/thread/o15j25qwtpcw62k48xw1tnv48skh3zgb
https://www.openwall.com/lists/oss-security/2021/11/16/1

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability. However, proof of concept for this vulnerability is available.

Latest bulletins with this vulnerability

Authentication bypass in Apache ShenYu