Rewterz Threat Advisory – Multiple Apache ShenYu and Karaf Vulnerabilities

Severity

High

Analysis Summary

CVE-2022-23945 

Apache ShenYu could allow a remote attacker to bypass security restrictions, caused by missing authentication on ShenYu Admin. By sending a specially-crafted request, an attacker could exploit this vulnerability to bypass access restrictions.

CVE-2022-23944 

Apache ShenYu could allow a remote authenticated attacker to bypass security restrictions, caused by improper authentication. By sending a specially-crafted request, an attacker could exploit this vulnerability to access plugin api.

CVE-2022-23223 

Apache ShenYu could allow a remote attacker to obtain sensitive information, caused by a flaw in the HTTP response. By sending a specially-crafted request, a remote attacker could exploit this vulnerability to obtain sensitive information.

CVE-2022-22932 

Apache Karaf could allow a remote attacker to traverse directories on the system, caused by a flaw in the karaf-maven-plugin. An attacker could send a specially-crafted URL request to view arbitrary folders on the system.

CVE-2021-45029 

Apache ShenYu could allow a remote attacker to execute arbitrary code on the system, caused by Groovy Code Injection & SpEL Injection. By sending a specially-crafted request, an attacker could exploit this vulnerability to execute arbitrary code on the system.

CVE-2021-41766 

Apache Karaf could allow a remote attacker to execute arbitrary code on the system, caused by insecure java deserialization. By sending a specially-crafted request, an attacker could exploit this vulnerability to execute arbitrary code on the system.

Impact

• Security Bypass
• Information Disclosure
• Unauthorized Access
• Code Execution

Affected Vendors

Apache

Affected Products

• Apache ShenYu 2.4.0
• Apache ShenYu 2.4.1
• Apache Karaf 4.2.14
• Apache Karaf 4.3.5

Remediation

Upgrade to the latest version of Apache, available from the Apache Web site

Apache ShenYu:

Apache Karaf: