
CVE-2021-45330: Improper Privilege Management in Gitea

CVSS Score (v3.1): 9.8

Basic Information

EPSS Score: 0.78773%
Published: 2/10/2022
Updated: 1/28/2023
KEV Status: No
Technology: Go

Technical Details

CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Package Name | Ecosystem | Vulnerable Versions | First Patched Version
code.gitea.io/gitea | go | < 1.6.0 | 1.6.0

Vulnerability Intelligence
Root Cause Analysis (Miggo AI)

The vulnerability stemmed from API routes accepting session cookies without requiring fresh authentication. The key fix in PR #4840 modified the reqToken middleware to strictly require tokens or basic auth. This indicates the authentication logic in this middleware was the root cause: it previously accepted cookie-based sessions that persisted server-side after logout, enabling privilege escalation through session reuse.
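To make the middleware change concrete, the following Go sketch (added here, not Gitea's code) contrasts the cookie-fallback behaviour described above with a reqToken that accepts only a token or Basic auth. The "Authorization: token <value>" header scheme, the cookie name session_id and the in-memory credential maps are assumptions constructed for this example.

```go
package main

import (
	"crypto/subtle"
	"fmt"
	"net/http"
	"strings"
)

var apiTokens = map[string]string{"tok-constructed-abc": "alice"} // token -> user (constructed)
var passwords = map[string]string{"alice": "s3cret"}              // user -> password (constructed)
var sessions = map[string]string{"sess-constructed-1": "alice"}   // session id -> user (constructed)

// userFromAuthHeader accepts only explicit API credentials: HTTP Basic auth or an
// "Authorization: token <value>" header (the header scheme is assumed here).
func userFromAuthHeader(r *http.Request) string {
	if user, pass, ok := r.BasicAuth(); ok && pass != "" &&
		subtle.ConstantTimeCompare([]byte(passwords[user]), []byte(pass)) == 1 {
		return user
	}
	if h := r.Header.Get("Authorization"); strings.HasPrefix(h, "token ") {
		return apiTokens[strings.TrimPrefix(h, "token ")]
	}
	return ""
}

// userFromSessionCookie is the pre-fix fallback: a cookie naming a session that is
// still valid server-side counts as the logged-in user (cookie name is assumed).
func userFromSessionCookie(r *http.Request) string {
	if c, err := r.Cookie("session_id"); err == nil {
		return sessions[c.Value]
	}
	return ""
}

// reqToken models the middleware: allowCookie=true is the behaviour the page describes
// before PR #4840, allowCookie=false the fix (token or Basic auth only, cookie ignored).
func reqToken(r *http.Request, allowCookie bool) (string, bool) {
	user := userFromAuthHeader(r)
	if user == "" && allowCookie {
		user = userFromSessionCookie(r)
	}
	return user, user != ""
}

func main() {
	r, _ := http.NewRequest("GET", "/api/v1/user", nil) // constructed cookie-only request
	r.AddCookie(&http.Cookie{Name: "session_id", Value: "sess-constructed-1"})
	fmt.Println(reqToken(r, true))  // alice true: a reused session still authenticates
	fmt.Println(reqToken(r, false)) // empty user, false: the fixed middleware rejects it
}
```

A real deployment would additionally invalidate the server-side session on logout; the middleware change alone only closes the API path.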

WAF Protection Rules

WAF Rule

An issue exists in Gitea through [version masked], which could let a malicious user gain privileges due to client side cookies not being deleted and the session remaining valid on the server side for reuse.
