4.1

CVSS Score

3.1

Basic Information

CVE ID

CVE-2023-29194

GHSA ID

GHSA-735r-hv67-g38f

EPSS Score

0.22866%

CWE

CWE-20

Published

4/11/2023

Updated

5/20/2024

KEV Status

Technology

Concerned about an active attack path?

Talk to our security experts and see Miggo in action.

Miggo Vulnerability Database

→

CVE-2023-29194

CVE-2023-29194: vitess allows users to create keyspaces that can deny access to already existing keyspaces

Impact

Users can either intentionally or inadvertently create a keyspace containing / characters such that from that point on, anyone who tries to view keyspaces from VTAdmin will receive an error. Trying to list all the keyspaces using vtctldclient GetKeyspaces will also return an error. Note that all other keyspaces can still be administered using the CLI (vtctldclient).

Patches

v16.0.1 (corresponding to 0.16.1 on pkg.go.dev)

Workarounds

Delete the offending keyspace using a CLI client (vtctldclient)

vtctldclient --server ... DeleteKeyspace a/b

Found during a security audit sponsored by the CNCF and facilitated by OSTIF.

(GitHub Advisory)

4.1

CVSS Score

3.1

Basic Information

CVE ID

CVE-2023-29194

GHSA ID

GHSA-735r-hv67-g38f

EPSS Score

0.22866%

CWE

CWE-20

Published

4/11/2023

Updated

5/20/2024

KEV Status

Technology

Technical Details

CVSS Vector

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:L

Package Name	Ecosystem	Vulnerable Versions	First Patched Version
vitess.io/vitess	go	< 0.16.1	0.16.1

Vulnerability Intelligence
Miggo AI

Root Cause Analysis

The vulnerability stems from missing input validation in keyspace management functions. The commit diff shows:

A new ValidateKeyspaceName function was added to check for '/' characters
This validation was integrated into both CreateKeyspace and GetKeyspace methods
Prior to the patch, these functions did not perform this validation, allowing creation/retrieval of invalid keyspace names
The CWE-20 (Input Validation) mapping confirms this was an input validation failure
The added test cases in keyspace_test.go specifically test the prevention of '/' characters, demonstrating the previous lack of validation

Vulnerable functions

Only Mi**o us*rs **n s** t*is s**tion

WAF Protection Rules

WAF Rule

### Imp**t Us*rs **n *it**r int*ntion*lly or in**v*rt*ntly *r**t* * k*ysp*** *ont*inin* `/` ***r**t*rs su** t**t *rom t**t point on, *nyon* w*o tri*s to vi*w k*ysp***s *rom VT**min will r***iv* *n *rror. Tryin* to list *ll t** k*ysp***s usin* `vt*tl*

Reasoning

T** vuln*r**ility st*ms *rom missin* input v*li**tion in k*ysp*** m*n***m*nt *un*tions. T** *ommit *i** s*ows: *. * n*w V*li**t*K*ysp***N*m* *un*tion w*s ***** to ****k *or '/' ***r**t*rs *. T*is v*li**tion w*s int**r*t** into *ot* *r**t*K*ysp*** *n

4.1

Basic Information

Concerned about an active attack path?

CVE-2023-29194: vitess allows users to create keyspaces that can deny access to already existing keyspaces

Impact

Patches

Workarounds

4.1

Basic Information

Technical Details

Vulnerability IntelligenceMiggo AI

Root Cause Analysis

Vulnerable functions

WAF Protection Rules

WAF Rule

Reasoning

Vulnerability Intelligence
Miggo AI