Miggo Logo

CVE-2021-32163: Privilege escalation in MOSN

9.8

CVSS Score
3.1

Basic Information

EPSS Score
0.47534%
Published
2/17/2023
Updated
3/1/2023
KEV Status
No
Technology
TechnologyGo

Technical Details

CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Package NameEcosystemVulnerable VersionsFirst Patched Version
mosn.io/mosngo< 0.23.00.23.0

Vulnerability Intelligence
Miggo AIMiggo AI

Miggo AIRoot Cause Analysis

The vulnerability stems from improper case-sensitive handling of URL paths in JWT authorization checks. The GitHub issue (#1633) demonstrates that requests with case-varied paths (e.g., '/indeX' vs '/index') bypassed authentication. The fix in PR #1637 modified the prefix matching logic to use case-insensitive comparisons when configured, confirming the vulnerability existed in the original case-sensitive Matches function implementation.

Vulnerable functions

Only Mi**o us*rs **n s** t*is s**tion

WAF Protection Rules

WAF Rule

*ut**nti**tion vuln*r**ility in MOSN ***or* v.*.**.* *llows *tt**k*r to *s**l*t* privil***s vi* **s*-s*nsitiv* JWT *ut*oriz*tion.

Reasoning

T** vuln*r**ility st*ms *rom improp*r **s*-s*nsitiv* **n*lin* o* URL p*t*s in JWT *ut*oriz*tion ****ks. T** *it*u* issu* (#****) **monstr*t*s t**t r*qu*sts wit* **s*-v*ri** p*t*s (*.*., '/in**X' vs '/in**x') *yp*ss** *ut**nti**tion. T** *ix in PR #**