
CVE-2021-43350: Apache Traffic Control Traffic Ops Vulnerable to LDAP Injection

CVSS Score: 9.8 (CVSS 3.1)

Basic Information

EPSS Score: 0.81519%
Published: 5/24/2022
Updated: 6/10/2024
KEV Status: No
Technology: Go

Technical Details

CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

| Package Name | Ecosystem | Vulnerable Versions | First Patched Version |
| --- | --- | --- | --- |
| github.com/apache/trafficcontrol | go | >= 6.0.0, < 6.0.1 | 6.0.1 |
| github.com/apache/trafficcontrol | go | >= 5.1.0, < 5.1.4 | 5.1.4 |

Vulnerability Intelligence
Root Cause Analysis

The vulnerability stems from improper neutralization of the username parameter in LDAP queries. The /login endpoint's authentication flow would logically involve an LDAP filter construction using user input. Given the CWE-74 classification and the LDAP injection vector, the most likely vulnerable code is the LDAP authentication handler that builds the filter string without applying proper escaping (e.g., using fmt.Sprintf("(cn=%s)", username) instead of ldap.EscapeFilter). The function name and location are inferred from standard Traffic Control project structure and authentication implementation patterns.
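
The filter-construction pattern named above, next to its escaped form, as an added example (not Traffic Control's code). The function names and sample usernames are constructed for illustration, and `escapeFilterValue` is a local stand-in for `ldap.EscapeFilter` so the block runs without third-party modules.

```go
package main

import (
	"fmt"
	"strings"
)

// escapeFilterValue hex-escapes the RFC 4515 special characters, NUL and
// non-ASCII bytes. Local stand-in for go-ldap's ldap.EscapeFilter.
func escapeFilterValue(s string) string {
	var b strings.Builder
	for i := 0; i < len(s); i++ {
		c := s[i]
		if c == '\\' || c == '*' || c == '(' || c == ')' || c == 0 || c > 0x7f {
			fmt.Fprintf(&b, "\\%02x", c)
		} else {
			b.WriteByte(c)
		}
	}
	return b.String()
}

// unsafeFilter interpolates the raw username, as in the analysis above.
func unsafeFilter(username string) string {
	return fmt.Sprintf("(cn=%s)", username)
}

// safeFilter escapes first, so the input stays a single assertion value.
func safeFilter(username string) string {
	return fmt.Sprintf("(cn=%s)", escapeFilterValue(username))
}

// structureIntact reports whether the filter is still one equality match:
// exactly one "(" and one ")" and no unescaped wildcard.
func structureIntact(filter string) bool {
	return strings.Count(filter, "(") == 1 &&
		strings.Count(filter, ")") == 1 &&
		!strings.Contains(filter, "*")
}

func main() {
	// Constructed sample inputs, not taken from the advisory.
	for _, u := range []string{"alice", "a*", "x)(cn=y"} {
		uf, sf := unsafeFilter(u), safeFilter(u)
		fmt.Printf("%q\n  unsafe: %s intact=%v\n  safe:   %s intact=%v\n",
			u, uf, structureIntact(uf), sf, structureIntact(sf))
	}
}
```

A check like `structureIntact` also works as a regression test: feed the login handler's filter builder inputs containing filter metacharacters and assert that the resulting filter keeps the shape of the template.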

WAF Protection Rules

WAF Rule

An unauthenticated Apache Traffic Control Traffic Ops user can send a request with a specially-crafted username to the POST `/login` endpoint of any API version to inject unsanitized content into the LDAP filter.