CVE-2024-40632 - Vulnerability Details

Link	Providers
https://github.com/linkerd/linkerd2-proxy/blob/46957de49f25fd4661af7b7c52659148f4d6dd27/linkerd/app/admin/src/server.rs
https://github.com/linkerd/linkerd2/commit/35fb2d6d11ef6520ae516dd717790529f85224fa
https://github.com/linkerd/linkerd2/security/advisories/GHSA-6v94-gj6x-jqj7

{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2024-40632", "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "state": "PUBLISHED", "assignerShortName": "GitHub_M", "dateReserved": "2024-07-08T16:13:15.511Z", "datePublished": "2024-07-15T21:22:57.957Z", "dateUpdated": "2024-08-02T04:33:11.882Z"}, "containers": {"cna": {"title": "Linkerd potential access to the shutdown endpoint", "problemTypes": [{"descriptions": [{"cweId": "CWE-918", "lang": "en", "description": "CWE-918: Server-Side Request Forgery (SSRF)", "type": "CWE"}]}], "metrics": [{"cvssV3_1": {"attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 3.7, "baseSeverity": "LOW", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L", "version": "3.1"}}], "references": [{"name": "https://github.com/linkerd/linkerd2/security/advisories/GHSA-6v94-gj6x-jqj7", "tags": ["x_refsource_CONFIRM"], "url": "https://github.com/linkerd/linkerd2/security/advisories/GHSA-6v94-gj6x-jqj7"}, {"name": "https://github.com/linkerd/linkerd2/commit/35fb2d6d11ef6520ae516dd717790529f85224fa", "tags": ["x_refsource_MISC"], "url": "https://github.com/linkerd/linkerd2/commit/35fb2d6d11ef6520ae516dd717790529f85224fa"}, {"name": "https://github.com/linkerd/linkerd2-proxy/blob/46957de49f25fd4661af7b7c52659148f4d6dd27/linkerd/app/admin/src/server.rs", "tags": ["x_refsource_MISC"], "url": "https://github.com/linkerd/linkerd2-proxy/blob/46957de49f25fd4661af7b7c52659148f4d6dd27/linkerd/app/admin/src/server.rs"}], "affected": [{"vendor": "linkerd", "product": "linkerd2", "versions": [{"version": "< edge-24.6.2", "status": "affected"}]}], "providerMetadata": {"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M", "dateUpdated": "2024-07-15T21:22:57.957Z"}, "descriptions": [{"lang": "en", "value": "Linkerd is an open source, ultralight, security-first service mesh for Kubernetes. In affected versions when the application being run by linkerd is susceptible to SSRF, an attacker could potentially trigger a denial-of-service (DoS) attack by making requests to localhost:4191/shutdown. Linkerd could introduce an optional environment variable to control a token that must be passed as a header. Linkerd should reject shutdown requests that do not include this header. This issue has been addressed in release version edge-24.6.2 and all users are advised to upgrade. There are no known workarounds for this vulnerability."}], "source": {"advisory": "GHSA-6v94-gj6x-jqj7", "discovery": "UNKNOWN"}}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2024-07-16T00:14:16.657943Z", "id": "CVE-2024-40632", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-07-16T00:14:22.059Z"}}, {"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T04:33:11.882Z"}, "title": "CVE Program Container", "references": [{"name": "https://github.com/linkerd/linkerd2/security/advisories/GHSA-6v94-gj6x-jqj7", "tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://github.com/linkerd/linkerd2/security/advisories/GHSA-6v94-gj6x-jqj7"}, {"name": "https://github.com/linkerd/linkerd2/commit/35fb2d6d11ef6520ae516dd717790529f85224fa", "tags": ["x_refsource_MISC", "x_transferred"], "url": "https://github.com/linkerd/linkerd2/commit/35fb2d6d11ef6520ae516dd717790529f85224fa"}, {"name": "https://github.com/linkerd/linkerd2-proxy/blob/46957de49f25fd4661af7b7c52659148f4d6dd27/linkerd/app/admin/src/server.rs", "tags": ["x_refsource_MISC", "x_transferred"], "url": "https://github.com/linkerd/linkerd2-proxy/blob/46957de49f25fd4661af7b7c52659148f4d6dd27/linkerd/app/admin/src/server.rs"}]}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2024-40632", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-07-16T00:14:16.657943Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-07-16T00:14:20.310Z"}}], "cna": {"title": "Linkerd potential access to the shutdown endpoint", "source": {"advisory": "GHSA-6v94-gj6x-jqj7", "discovery": "UNKNOWN"}, "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 3.7, "attackVector": "NETWORK", "baseSeverity": "LOW", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "HIGH", "availabilityImpact": "LOW", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}}], "affected": [{"vendor": "linkerd", "product": "linkerd2", "versions": [{"status": "affected", "version": "< edge-24.6.2"}]}], "references": [{"url": "https://github.com/linkerd/linkerd2/security/advisories/GHSA-6v94-gj6x-jqj7", "name": "https://github.com/linkerd/linkerd2/security/advisories/GHSA-6v94-gj6x-jqj7", "tags": ["x_refsource_CONFIRM"]}, {"url": "https://github.com/linkerd/linkerd2/commit/35fb2d6d11ef6520ae516dd717790529f85224fa", "name": "https://github.com/linkerd/linkerd2/commit/35fb2d6d11ef6520ae516dd717790529f85224fa", "tags": ["x_refsource_MISC"]}, {"url": "https://github.com/linkerd/linkerd2-proxy/blob/46957de49f25fd4661af7b7c52659148f4d6dd27/linkerd/app/admin/src/server.rs", "name": "https://github.com/linkerd/linkerd2-proxy/blob/46957de49f25fd4661af7b7c52659148f4d6dd27/linkerd/app/admin/src/server.rs", "tags": ["x_refsource_MISC"]}], "descriptions": [{"lang": "en", "value": "Linkerd is an open source, ultralight, security-first service mesh for Kubernetes. In affected versions when the application being run by linkerd is susceptible to SSRF, an attacker could potentially trigger a denial-of-service (DoS) attack by making requests to localhost:4191/shutdown. Linkerd could introduce an optional environment variable to control a token that must be passed as a header. Linkerd should reject shutdown requests that do not include this header. This issue has been addressed in release version edge-24.6.2 and all users are advised to upgrade. There are no known workarounds for this vulnerability."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-918", "description": "CWE-918: Server-Side Request Forgery (SSRF)"}]}], "providerMetadata": {"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M", "dateUpdated": "2024-07-15T21:22:57.957Z"}}}, "cveMetadata": {"cveId": "CVE-2024-40632", "state": "PUBLISHED", "dateUpdated": "2024-07-16T00:14:22.059Z", "dateReserved": "2024-07-08T16:13:15.511Z", "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "datePublished": "2024-07-15T21:22:57.957Z", "assignerShortName": "GitHub_M"}, "dataVersion": "5.1"}

{"descriptions": [{"lang": "en", "value": "Linkerd is an open source, ultralight, security-first service mesh for Kubernetes. In affected versions when the application being run by linkerd is susceptible to SSRF, an attacker could potentially trigger a denial-of-service (DoS) attack by making requests to localhost:4191/shutdown. Linkerd could introduce an optional environment variable to control a token that must be passed as a header. Linkerd should reject shutdown requests that do not include this header. This issue has been addressed in release version edge-24.6.2 and all users are advised to upgrade. There are no known workarounds for this vulnerability."}, {"lang": "es", "value": "Linkerd es una malla de servicios de c\u00f3digo abierto, ultraligera y que prioriza la seguridad para Kubernetes. En las versiones afectadas, cuando la aplicaci\u00f3n que ejecuta Linkerd es susceptible a SSRF, un atacante podr\u00eda desencadenar un ataque de denegaci\u00f3n de servicio (DoS) al realizar solicitudes a localhost:4191/shutdown. Linkerd podr\u00eda introducir una variable de entorno opcional para controlar un token que debe pasarse como encabezado. Linkerd deber\u00eda rechazar las solicitudes de cierre que no incluyan este encabezado. Este problema se solucion\u00f3 en la versi\u00f3n edge-24.6.2 y se recomienda a todos los usuarios que actualicen. No se conocen workarounds para esta vulnerabilidad."}], "id": "CVE-2024-40632", "lastModified": "2024-11-21T09:31:23.980", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 3.7, "baseSeverity": "LOW", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L", "version": "3.1"}, "exploitabilityScore": 2.2, "impactScore": 1.4, "source": "security-advisories@github.com", "type": "Secondary"}]}, "published": "2024-07-15T22:15:03.017", "references": [{"source": "security-advisories@github.com", "url": "https://github.com/linkerd/linkerd2-proxy/blob/46957de49f25fd4661af7b7c52659148f4d6dd27/linkerd/app/admin/src/server.rs"}, {"source": "security-advisories@github.com", "url": "https://github.com/linkerd/linkerd2/commit/35fb2d6d11ef6520ae516dd717790529f85224fa"}, {"source": "security-advisories@github.com", "url": "https://github.com/linkerd/linkerd2/security/advisories/GHSA-6v94-gj6x-jqj7"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://github.com/linkerd/linkerd2-proxy/blob/46957de49f25fd4661af7b7c52659148f4d6dd27/linkerd/app/admin/src/server.rs"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://github.com/linkerd/linkerd2/commit/35fb2d6d11ef6520ae516dd717790529f85224fa"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://github.com/linkerd/linkerd2/security/advisories/GHSA-6v94-gj6x-jqj7"}], "sourceIdentifier": "security-advisories@github.com", "vulnStatus": "Awaiting Analysis", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-918"}], "source": "security-advisories@github.com", "type": "Secondary"}]}

Metrics

Attack Vector Network

Attack Complexity High

Privileges Required None

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact Low

User Interaction None

Exploitation none

Automatable no

Technical Impact partial

Affected Vendors & Products

Metrics

Attack Vector Network

Attack Complexity High

Privileges Required None

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact Low

User Interaction None

Exploitation none

Automatable no

Technical Impact partial

Affected Vendors & Products

JSON object

JSON object

JSON object

JSON object

JSON object