5.8

CVSS Score

3.1

Basic Information

CVE ID

CVE-2020-17522

GHSA ID

GHSA-pw59-4qgf-jxr8

EPSS Score

0.85691%

CWE

CWE-525

Published

6/18/2021

Updated

2/1/2023

KEV Status

Technology

Concerned about an active attack path?

Talk to our security experts and see Miggo in action.

Miggo Vulnerability Database

→

CVE-2020-17522

CVE-2020-17522: Cache Manipulation Attack in Apache Traffic Control

When ORT (now via atstccfg) generates ip_allow.config files in Apache Traffic Control 3.0.0 to 3.1.0 and 4.0.0 to 4.1.0, those files include permissions that allow bad actors to push arbitrary content into and remove arbitrary content from CDN cache servers. Additionally, these permissions are potentially extended to IP addresses outside the desired range, resulting in them being granted to clients possibly outside the CDN arcitechture.

(GitHub Advisory)

5.8

CVSS Score

3.1

Basic Information

CVE ID

CVE-2020-17522

GHSA ID

GHSA-pw59-4qgf-jxr8

EPSS Score

0.85691%

CWE

CWE-525

Published

6/18/2021

Updated

2/1/2023

KEV Status

Technology

Technical Details

CVSS Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N

Package Name	Ecosystem	Vulnerable Versions	First Patched Version
github.com/apache/trafficcontrol	go	< 5.0.0	5.0.0

Vulnerability Intelligence
Miggo AI

Root Cause Analysis

The vulnerability stems from improper handling of ip_allow.config updates in ORT. The commit diff shows critical changes to the process_cfg_file subroutine where a new guard clause was added to prevent ip_allow.config updates unless in 'badass' mode or with explicit syncds_updates_ipallow flag. Before this patch, the function lacked these safeguards, allowing unauthorized updates that could propagate insecure permissions. The direct modification of this function in the patch to add security checks indicates it was the source of the vulnerability.

Vulnerable functions

Only Mi**o us*rs **n s** t*is s**tion

WAF Protection Rules

WAF Rule

W**n ORT (now vi* *tst****) **n*r*t*s ip_*llow.*on*i* *il*s in *p**** Tr***i* *ontrol *.*.* to *.*.* *n* *.*.* to *.*.*, t*os* *il*s in*lu** p*rmissions t**t *llow *** **tors to pus* *r*itr*ry *ont*nt into *n* r*mov* *r*itr*ry *ont*nt *rom **N *****

Reasoning

T** vuln*r**ility st*ms *rom improp*r **n*lin* o* ip_*llow.*on*i* up**t*s in ORT. T** *ommit *i** s*ows *riti**l ***n**s to t** pro**ss_***_*il* su*routin* w**r* * n*w *u*r* *l*us* w*s ***** to pr*v*nt ip_*llow.*on*i* up**t*s unl*ss in '****ss' mo**

5.8

Basic Information

Concerned about an active attack path?

CVE-2020-17522: Cache Manipulation Attack in Apache Traffic Control

5.8

Basic Information

Technical Details

Vulnerability IntelligenceMiggo AI

Root Cause Analysis

Vulnerable functions

WAF Protection Rules

WAF Rule

Reasoning

Vulnerability Intelligence
Miggo AI