
CVE-2021-21311:
SSRF in adminer

CVSS Score: 7.2 (CVSS v3.1)

Basic Information

EPSS Score: 0.99451%
Published: 2/11/2021
Updated: 2/1/2023
KEV Status: No
Technology: PHP

Technical Details

CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N

| Package Name | Ecosystem | Vulnerable Versions | First Patched Version |
| --- | --- | --- | --- |
| vrana/adminer | composer | < 4.7.9 | 4.7.9 |

Vulnerability Intelligence
Root Cause Analysis (Miggo AI)

The commit ccd2374b patched the SSRF by modifying error handling in both drivers. Previously, when the HTTP status code was not 200, these functions set the error message from the raw server response (`$file`). This allowed an attacker to: 1) force Adminer to make arbitrary HTTP requests (the SSRF vector), and 2) read the response contents through the error messages. The vulnerability manifests in the functions handling Elasticsearch and ClickHouse driver communication, where improper error-message construction leaked internal service data.
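As an added illustration of the error-handling pattern described above (this is not Adminer's own code and not the actual patch): a driver-style PHP helper whose vulnerable variant copies the raw response body into the error message on a non-200 status, beside a hardened variant that reports only the status code. The transport function, the URL and the response body are constructed stand-ins.

```php
<?php
// Added illustration, not Adminer's code. Models the error-handling pattern
// from the analysis: a driver helper talks HTTP to a backend and, when the
// status is not 200, decides what goes into the user-visible error message.

// Constructed stand-in for the HTTP transport: returns [status, body].
function fakeTransport(string $url): array {
    // Hypothetical internal endpoint whose response body must not reach users.
    if (strpos($url, 'internal-metadata') !== false) {
        return [403, 'internal: token=CONSTRUCTED_SAMPLE_VALUE'];
    }
    return [200, '{"status":"ok"}'];
}

// Vulnerable pattern: the raw response body ($file) becomes the error text,
// so a request steered at an internal service echoes that service's reply
// back to the Adminer user (the SSRF becomes a read primitive).
function queryVulnerable(string $url, ?string &$error): ?string {
    [$status, $file] = fakeTransport($url);
    if ($status !== 200) {
        $error = $file;
        return null;
    }
    return $file;
}

// Hardened pattern: the error message carries only the status code; the
// body of a failed backend response is never shown to the user.
function queryHardened(string $url, ?string &$error): ?string {
    [$status, $file] = fakeTransport($url);
    if ($status !== 200) {
        $error = "Backend request failed with HTTP status $status";
        return null;
    }
    return $file;
}

$url = 'http://internal-metadata.example/';  // constructed sample URL
$err = null;
queryVulnerable($url, $err);
echo "vulnerable: $err\n";  // error text is the backend body itself
$err = null;
queryHardened($url, $err);
echo "hardened:   $err\n";  // error text names only the status code
```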


### Impact

Users of Adminer versions bundling all drivers (e.g. `adminer.php`) are affected.

### Patches

Patched by ccd2374b, included in version [4.7.9](https://github.com/vrana/adminer/releases/tag/v4.7.9).

### Workarounds

* Use a single driver v
