CVE-2021-41767 - Vulnerability Details - OpenCVE

Apache Guacamole 1.3.0 and older may incorrectly include a private tunnel identifier in the non-private details of some REST responses. This may allow an authenticated user who already has permission to access a particular connection to read from or interact with another user's active use of that same connection.

No CVSS v4.0

Attack Vector Network

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact High

Integrity Impact None

Availability Impact None

User Interaction None

No CVSS v3.0

Access Vector Network

Access Complexity Low

Authentication Single

Confidentiality Impact Partial

Integrity Impact None

Availability Impact None

This CVE is not in the KEV list.

The EPSS score is 0.00574.

Key SSVC decision points have not yet been added.

Vendors	Products
Apache	Guacamole

Configuration 1 [-]

cpe:2.3:a:apache:guacamole:*:*:*:*:*:*:*:*

No data.

No data.

Advisories

Source	ID	Title
EUVD	EUVD-2021-28775	Apache Guacamole 1.3.0 and older may incorrectly include a private tunnel identifier in the non-private details of some REST responses. This may allow an authenticated user who already has permission to access a particular connection to read from or interact with another user's active use of that same connection.

Fixes

Solution

No solution given by the vendor.

Workaround

No workaround given by the vendor.

References

Link	Providers
http://www.openwall.com/lists/oss-security/2022/01/11/6
https://lists.apache.org/thread/5l31k4jmzdsfz0xt8osrbl878gb3b7ro

History

No history.

MITRE

Status: PUBLISHED

Assigner: apache

Published: 2022-01-11T22:10:11

Updated: 2024-08-04T03:15:29.360Z

Reserved: 2021-09-28T00:00:00

Link: CVE-2021-41767

Vulnrichment

No data.

NVD

Status : Modified

Published: 2022-01-11T22:15:07.570

Modified: 2024-11-21T06:26:43.560

Link: CVE-2021-41767

Redhat

No data.

OpenCVE Enrichment

No data.

{"containers": {"cna": {"affected": [{"product": "Apache Guacamole", "vendor": "Apache Software Foundation", "versions": [{"lessThanOrEqual": "1.3.0", "status": "affected", "version": "unspecified", "versionType": "custom"}]}], "credits": [{"lang": "en", "value": "We would like to thank Damian Velardo (Australia and New Zealand Banking Group) for reporting this issue."}], "descriptions": [{"lang": "en", "value": "Apache Guacamole 1.3.0 and older may incorrectly include a private tunnel identifier in the non-private details of some REST responses. This may allow an authenticated user who already has permission to access a particular connection to read from or interact with another user's active use of that same connection."}], "metrics": [{"other": {"content": {"other": "moderate"}, "type": "unknown"}}], "problemTypes": [{"descriptions": [{"cweId": "CWE-200", "description": "CWE-200 Exposure of Sensitive Information to an Unauthorized Actor", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"dateUpdated": "2022-01-12T00:06:13", "orgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09", "shortName": "apache"}, "references": [{"tags": ["x_refsource_MISC"], "url": "https://lists.apache.org/thread/5l31k4jmzdsfz0xt8osrbl878gb3b7ro"}, {"name": "[oss-security] 20220111 [SECURITY] CVE-2021-41767: Apache Guacamole: Private tunnel identifier may be included in the non-private details of active connections", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "http://www.openwall.com/lists/oss-security/2022/01/11/6"}], "source": {"discovery": "UNKNOWN"}, "title": "Private tunnel identifier may be included in the non-private details of active connections", "x_generator": {"engine": "Vulnogram 0.0.9"}, "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "security@apache.org", "ID": "CVE-2021-41767", "STATE": "PUBLIC", "TITLE": "Private tunnel identifier may be included in the non-private details of active connections"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "Apache Guacamole", "version": {"version_data": [{"version_affected": "<=", "version_value": "1.3.0"}]}}]}, "vendor_name": "Apache Software Foundation"}]}}, "credit": [{"lang": "eng", "value": "We would like to thank Damian Velardo (Australia and New Zealand Banking Group) for reporting this issue."}], "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Apache Guacamole 1.3.0 and older may incorrectly include a private tunnel identifier in the non-private details of some REST responses. This may allow an authenticated user who already has permission to access a particular connection to read from or interact with another user's active use of that same connection."}]}, "generator": {"engine": "Vulnogram 0.0.9"}, "impact": [{"other": "moderate"}], "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "CWE-200 Exposure of Sensitive Information to an Unauthorized Actor"}]}]}, "references": {"reference_data": [{"name": "https://lists.apache.org/thread/5l31k4jmzdsfz0xt8osrbl878gb3b7ro", "refsource": "MISC", "url": "https://lists.apache.org/thread/5l31k4jmzdsfz0xt8osrbl878gb3b7ro"}, {"name": "[oss-security] 20220111 [SECURITY] CVE-2021-41767: Apache Guacamole: Private tunnel identifier may be included in the non-private details of active connections", "refsource": "MLIST", "url": "http://www.openwall.com/lists/oss-security/2022/01/11/6"}]}, "source": {"discovery": "UNKNOWN"}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-04T03:15:29.360Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://lists.apache.org/thread/5l31k4jmzdsfz0xt8osrbl878gb3b7ro"}, {"name": "[oss-security] 20220111 [SECURITY] CVE-2021-41767: Apache Guacamole: Private tunnel identifier may be included in the non-private details of active connections", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "http://www.openwall.com/lists/oss-security/2022/01/11/6"}]}]}, "cveMetadata": {"assignerOrgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09", "assignerShortName": "apache", "cveId": "CVE-2021-41767", "datePublished": "2022-01-11T22:10:11", "dateReserved": "2021-09-28T00:00:00", "dateUpdated": "2024-08-04T03:15:29.360Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:apache:guacamole:*:*:*:*:*:*:*:*", "matchCriteriaId": "F3A733CC-43E3-4A1C-BF40-54C1113B8B5C", "versionEndIncluding": "1.3.0", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "Apache Guacamole 1.3.0 and older may incorrectly include a private tunnel identifier in the non-private details of some REST responses. This may allow an authenticated user who already has permission to access a particular connection to read from or interact with another user's active use of that same connection."}, {"lang": "es", "value": "Apache Guacamole versiones 1.3.0 y anteriores, pueden incluir incorrectamente un identificador de t\u00fanel privado en los detalles no privados de algunas respuestas REST. Esto puede permitir que un usuario autenticado que ya presenta permiso para acceder a una conexi\u00f3n particular lea o interact\u00fae con el uso activo de otro usuario de esa misma conexi\u00f3n"}], "id": "CVE-2021-41767", "lastModified": "2024-11-21T06:26:43.560", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "SINGLE", "availabilityImpact": "NONE", "baseScore": 4.0, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:S/C:P/I:N/A:N", "version": "2.0"}, "exploitabilityScore": 8.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2022-01-11T22:15:07.570", "references": [{"source": "security@apache.org", "tags": ["Mailing List", "Third Party Advisory"], "url": "http://www.openwall.com/lists/oss-security/2022/01/11/6"}, {"source": "security@apache.org", "tags": ["Mailing List", "Vendor Advisory"], "url": "https://lists.apache.org/thread/5l31k4jmzdsfz0xt8osrbl878gb3b7ro"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Mailing List", "Third Party Advisory"], "url": "http://www.openwall.com/lists/oss-security/2022/01/11/6"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Mailing List", "Vendor Advisory"], "url": "https://lists.apache.org/thread/5l31k4jmzdsfz0xt8osrbl878gb3b7ro"}], "sourceIdentifier": "security@apache.org", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-200"}], "source": "security@apache.org", "type": "Secondary"}, {"description": [{"lang": "en", "value": "CWE-200"}], "source": "nvd@nist.gov", "type": "Primary"}]}