CVE-2021-32693 - OpenCVE

Symfony is a PHP framework for web and console applications and a set of reusable PHP components. A vulnerability related to firewall authentication is in Symfony starting with version 5.3.0 and prior to 5.3.2. When an application defines multiple firewalls, the token authenticated by one of the firewalls was available for all other firewalls. This could be abused when the application defines different providers for each part of the application, in such a situation, a user authenticated on a part of the application could be considered authenticated on the rest of the application. Starting in version 5.3.2, a patch ensures that the authenticated token is only available for the firewall that generates it.

No CVSS v4.0

Attack Vector Network

Attack Complexity High

Privileges Required Low

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact None

User Interaction None

No CVSS v3.0

Access Vector Network

Access Complexity Low

Authentication Single

Confidentiality Impact Partial

Integrity Impact Partial

Availability Impact Partial

AV:N/AC:L/Au:S/C:P/I:P/A:P

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Sensiolabs	Symfony

Configuration 1 [-]

cpe:2.3:a:sensiolabs:symfony:*:*:*:*:*:*:*:*

No data.

References

Link	Providers
https://github.com/symfony/security-http/commit/6bf4c31219773a558b019ee12e54572174ff8129
https://github.com/symfony/symfony/commit/3084764ad82f29dbb025df19978b9cbc3ab34728
https://github.com/symfony/symfony/security/advisories/GHSA-rfcf-m67m-jcrq
https://symfony.com/blog/cve-2021-32693-authentication-granted-to-all-firewalls-instead-of-just-one

History

No history.

MITRE

Status: PUBLISHED

Assigner: GitHub_M

Published: 2021-06-17T22:40:11

Updated: 2024-08-03T23:25:31.124Z

Reserved: 2021-05-12T00:00:00

Link: CVE-2021-32693

Vulnrichment

No data.

NVD

Status : Analyzed

Published: 2021-06-17T23:15:07.597

Modified: 2021-06-24T19:00:31.563

Link: CVE-2021-32693

Redhat

No data.

{"containers": {"cna": {"affected": [{"product": "symfony", "vendor": "symfony", "versions": [{"status": "affected", "version": ">= 5.3.0, < 5.3.2"}]}], "descriptions": [{"lang": "en", "value": "Symfony is a PHP framework for web and console applications and a set of reusable PHP components. A vulnerability related to firewall authentication is in Symfony starting with version 5.3.0 and prior to 5.3.2. When an application defines multiple firewalls, the token authenticated by one of the firewalls was available for all other firewalls. This could be abused when the application defines different providers for each part of the application, in such a situation, a user authenticated on a part of the application could be considered authenticated on the rest of the application. Starting in version 5.3.2, a patch ensures that the authenticated token is only available for the firewall that generates it."}], "metrics": [{"cvssV3_1": {"attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.8, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N", "version": "3.1"}}], "problemTypes": [{"descriptions": [{"cweId": "CWE-287", "description": "CWE-287: Improper Authentication", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"dateUpdated": "2021-06-17T22:40:11", "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M"}, "references": [{"tags": ["x_refsource_CONFIRM"], "url": "https://github.com/symfony/symfony/security/advisories/GHSA-rfcf-m67m-jcrq"}, {"tags": ["x_refsource_MISC"], "url": "https://github.com/symfony/security-http/commit/6bf4c31219773a558b019ee12e54572174ff8129"}, {"tags": ["x_refsource_MISC"], "url": "https://github.com/symfony/symfony/commit/3084764ad82f29dbb025df19978b9cbc3ab34728"}, {"tags": ["x_refsource_MISC"], "url": "https://symfony.com/blog/cve-2021-32693-authentication-granted-to-all-firewalls-instead-of-just-one"}], "source": {"advisory": "GHSA-rfcf-m67m-jcrq", "discovery": "UNKNOWN"}, "title": "Authentication granted with multiple firewalls", "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "security-advisories@github.com", "ID": "CVE-2021-32693", "STATE": "PUBLIC", "TITLE": "Authentication granted with multiple firewalls"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "symfony", "version": {"version_data": [{"version_value": ">= 5.3.0, < 5.3.2"}]}}]}, "vendor_name": "symfony"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Symfony is a PHP framework for web and console applications and a set of reusable PHP components. A vulnerability related to firewall authentication is in Symfony starting with version 5.3.0 and prior to 5.3.2. When an application defines multiple firewalls, the token authenticated by one of the firewalls was available for all other firewalls. This could be abused when the application defines different providers for each part of the application, in such a situation, a user authenticated on a part of the application could be considered authenticated on the rest of the application. Starting in version 5.3.2, a patch ensures that the authenticated token is only available for the firewall that generates it."}]}, "impact": {"cvss": {"attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.8, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N", "version": "3.1"}}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "CWE-287: Improper Authentication"}]}]}, "references": {"reference_data": [{"name": "https://github.com/symfony/symfony/security/advisories/GHSA-rfcf-m67m-jcrq", "refsource": "CONFIRM", "url": "https://github.com/symfony/symfony/security/advisories/GHSA-rfcf-m67m-jcrq"}, {"name": "https://github.com/symfony/security-http/commit/6bf4c31219773a558b019ee12e54572174ff8129", "refsource": "MISC", "url": "https://github.com/symfony/security-http/commit/6bf4c31219773a558b019ee12e54572174ff8129"}, {"name": "https://github.com/symfony/symfony/commit/3084764ad82f29dbb025df19978b9cbc3ab34728", "refsource": "MISC", "url": "https://github.com/symfony/symfony/commit/3084764ad82f29dbb025df19978b9cbc3ab34728"}, {"name": "https://symfony.com/blog/cve-2021-32693-authentication-granted-to-all-firewalls-instead-of-just-one", "refsource": "MISC", "url": "https://symfony.com/blog/cve-2021-32693-authentication-granted-to-all-firewalls-instead-of-just-one"}]}, "source": {"advisory": "GHSA-rfcf-m67m-jcrq", "discovery": "UNKNOWN"}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-03T23:25:31.124Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://github.com/symfony/symfony/security/advisories/GHSA-rfcf-m67m-jcrq"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://github.com/symfony/security-http/commit/6bf4c31219773a558b019ee12e54572174ff8129"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://github.com/symfony/symfony/commit/3084764ad82f29dbb025df19978b9cbc3ab34728"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://symfony.com/blog/cve-2021-32693-authentication-granted-to-all-firewalls-instead-of-just-one"}]}]}, "cveMetadata": {"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "assignerShortName": "GitHub_M", "cveId": "CVE-2021-32693", "datePublished": "2021-06-17T22:40:11", "dateReserved": "2021-05-12T00:00:00", "dateUpdated": "2024-08-03T23:25:31.124Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:sensiolabs:symfony:*:*:*:*:*:*:*:*", "matchCriteriaId": "62EC75F1-EC6A-45F1-99A0-BA5CD24E246F", "versionEndExcluding": "5.3.2", "versionStartIncluding": "5.3.0", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Symfony is a PHP framework for web and console applications and a set of reusable PHP components. A vulnerability related to firewall authentication is in Symfony starting with version 5.3.0 and prior to 5.3.2. When an application defines multiple firewalls, the token authenticated by one of the firewalls was available for all other firewalls. This could be abused when the application defines different providers for each part of the application, in such a situation, a user authenticated on a part of the application could be considered authenticated on the rest of the application. Starting in version 5.3.2, a patch ensures that the authenticated token is only available for the firewall that generates it."}, {"lang": "es", "value": "Symfony es un framework PHP para aplicaciones web y de consola y un ajuste de componentes PHP reutilizables. Una vulnerabilidad relacionada con la autenticaci\u00f3n del firewall se presenta en Symfony a partir de versi\u00f3n 5.3.0 y anteriores a 5.3.2. Cuando una aplicaci\u00f3n define m\u00faltiples firewalls, el token autenticado por uno de los firewalls estaba disponible para todos los otros firewalls. Esto podr\u00eda ser abusado cuando la aplicaci\u00f3n define diferentes proveedores para cada parte de la aplicaci\u00f3n, en tal situaci\u00f3n, un usuario autenticado en una parte de la aplicaci\u00f3n podr\u00eda ser considerado autenticado en el resto de la aplicaci\u00f3n. A partir de versi\u00f3n 5.3.2, un parche asegura que el token autenticado s\u00f3lo est\u00e1 disponible para el firewall que lo genera"}], "id": "CVE-2021-32693", "lastModified": "2021-06-24T19:00:31.563", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "SINGLE", "availabilityImpact": "PARTIAL", "baseScore": 6.5, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 8.0, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}, {"cvssData": {"attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.8, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N", "version": "3.1"}, "exploitabilityScore": 1.6, "impactScore": 5.2, "source": "security-advisories@github.com", "type": "Secondary"}]}, "published": "2021-06-17T23:15:07.597", "references": [{"source": "security-advisories@github.com", "tags": ["Patch", "Third Party Advisory"], "url": "https://github.com/symfony/security-http/commit/6bf4c31219773a558b019ee12e54572174ff8129"}, {"source": "security-advisories@github.com", "tags": ["Patch", "Third Party Advisory"], "url": "https://github.com/symfony/symfony/commit/3084764ad82f29dbb025df19978b9cbc3ab34728"}, {"source": "security-advisories@github.com", "tags": ["Patch", "Third Party Advisory"], "url": "https://github.com/symfony/symfony/security/advisories/GHSA-rfcf-m67m-jcrq"}, {"source": "security-advisories@github.com", "tags": ["Patch", "Vendor Advisory"], "url": "https://symfony.com/blog/cve-2021-32693-authentication-granted-to-all-firewalls-instead-of-just-one"}], "sourceIdentifier": "security-advisories@github.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-287"}], "source": "security-advisories@github.com", "type": "Primary"}]}