
CVE-2020-17522: Cache Manipulation Attack in Apache Traffic Control

CVSS Score: 5.8 (version 3.1)

Basic Information

EPSS Score: 0.85691%
Published: 6/18/2021
Updated: 2/1/2023
KEV Status: No
Technology: Go

Technical Details

CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N
Package Name: github.com/apache/trafficcontrol
Ecosystem: go
Vulnerable Versions: < 5.0.0
First Patched Version: 5.0.0

Vulnerability Intelligence
Root Cause Analysis

The vulnerability stems from improper handling of ip_allow.config updates in ORT. The commit diff shows critical changes to the process_cfg_file subroutine where a new guard clause was added to prevent ip_allow.config updates unless in 'badass' mode or with explicit syncds_updates_ipallow flag. Before this patch, the function lacked these safeguards, allowing unauthorized updates that could propagate insecure permissions. The direct modification of this function in the patch to add security checks indicates it was the source of the vulnerability.

WAF Protection Rules

WAF Rule

When ORT (now via atstccfg) generates ip_allow.config files in Apache Traffic Control *.*.* to *.*.* and *.*.* to *.*.*, those files include permissions that allow bad actors to push arbitrary content into and remove arbitrary content from CDN cache