Dangerous vulnerability in the SaltStack configuration management system

The new releases of the SaltStack configuration management system, 3002.5, 3001.6 and 3000.8, fix a vulnerability (CVE-2020-28243) that allows an unprivileged local user of a host to escalate privileges on the system. The problem is caused by a bug in the salt-minion handler used to receive commands from the central server. The vulnerability was discovered in November but has only now been fixed.

When the "restartcheck" operation runs, arbitrary commands can be injected by manipulating a process name. Specifically, the check for whether a package is installed was performed by launching the package manager and passing it an argument derived from the process name. The package manager is launched through a popen call in shell mode, but without escaping special characters. By changing the process name and using characters such as ";" and "|", it is possible to arrange for your own code to be executed.
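To show why the restartcheck pattern was injectable and what the safe shape looks like, here is an added example (not Salt's own code). It assumes dpkg-query as the package manager and a Debian-style package-name allowlist; the child process is replaced by a Python stub that reports its argv, so the example runs offline.

```python
"""Hardening the pattern behind CVE-2020-28243 (added example, not Salt's code).

restartcheck took a package name derived from a running process and handed it
to the package manager via popen() with a shell, so ';' or '|' in the process
name became shell syntax. The safe form passes the name as one argv element
with no shell at all, and validates it first as defence in depth.
"""
import json
import re
import subprocess
import sys

# Assumed allowlist modelled on Debian package-name rules; adjust per distro.
_PKG_NAME = re.compile(r"^[a-z0-9][a-z0-9+.\-]{1,127}$")


def is_safe_package_name(name: str) -> bool:
    """Reject anything that is not a plausible package name."""
    return bool(_PKG_NAME.match(name))


def vulnerable_command_line(name: str) -> str:
    """The injectable shape: untrusted text spliced into a shell string.
    Returned only for inspection; it is never executed here."""
    return "dpkg-query -W " + name


def safe_argv(name: str) -> list:
    """Build an argv list: the name is a single argument, not shell text,
    and suspicious names are refused before anything is launched."""
    if not is_safe_package_name(name):
        raise ValueError(f"refusing suspicious package name: {name!r}")
    return ["dpkg-query", "-W", name]


def child_argv(argv: list) -> list:
    """Run argv with shell=False, swapping argv[0] for a stand-in that just
    echoes its arguments as JSON, and return what the child actually saw.
    Metacharacters in any element arrive verbatim because no shell parses them."""
    stub = [sys.executable, "-c", "import json, sys; print(json.dumps(sys.argv[1:]))"]
    out = subprocess.run(stub + argv[1:], capture_output=True, text=True, check=True)
    return json.loads(out.stdout)


if __name__ == "__main__":
    crafted = "libfoo; true"  # constructed process-derived name
    print("shell string:", vulnerable_command_line(crafted))
    print("child saw   :", child_argv(["dpkg-query", "-W", crafted]))
```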

In addition to the problem described above, SaltStack 3002.5 fixes 9 more vulnerabilities:

  • CVE-2021-25281 - due to a missing authorization check, a remote attacker can run any wheel module on the master control server through SaltAPI and compromise the entire infrastructure.
  • CVE-2021-3197 - a problem in the SSH module for minions that allows arbitrary shell commands to be executed by substituting arguments with the "ProxyCommand" setting or by passing ssh_options through the API.
  • CVE-2021-25282 - unauthorized access to wheel_async allows a SaltAPI call to overwrite a file outside the base directory and execute arbitrary code on the system.
  • CVE-2021-25283 - no base-directory restriction in the wheel.pillar_roots.write handler in SaltAPI allows an arbitrary template to be added to the jinja renderer.
  • CVE-2021-25284 - passwords set through webutils were stored in plain text in the /var/log/salt/minion log.
  • CVE-2021-3148 - possible command substitution via a SaltAPI call to salt.utils.thin.gen_thin().
  • CVE-2020-35662 - missing SSL certificate verification in the default configuration.
  • CVE-2021-3144 - eauth authentication tokens could be used after they had expired.
  • CVE-2020-28972 - the code did not verify the server's SSL/TLS certificate, which allowed an MITM attack.

source: budenet.ru
