Vulnerability in Grafana allowing access to files on the system

A vulnerability (CVE-2021-43798) has been identified in the open-source data visualization platform Grafana that allows escaping the base directory and reading arbitrary files from the server's local filesystem, limited only by the access rights of the user account under which Grafana is running. The problem is caused by incorrect handling in the handler for paths under "/public/plugins/", which let ".." segments in the requested path reach directories above the plugin's own directory.

The vulnerability can be exploited through the URLs of pre-installed plugins, such as "/public/plugins/graph/", "/public/plugins/mysql/" and "/public/plugins/prometheus/" (about 40 plugins are pre-installed in total). For example, to read the /etc/passwd file it is enough to send the request "/public/plugins/prometheus/../../../../../../../../etc/passwd". To look for traces of exploitation, it is recommended to search the HTTP server logs for the pattern "..%2f".
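As an added illustration, not Grafana's own code: a small Go sketch of the weak pattern behind a "/public/plugins/<id>/<file>" asset handler, the containment check that stops it, and a scan over log lines for the "..%2f" signature recommended above. The plugin directory path, the log lines (constructed for this example) and all function names are assumptions made here.

```go
package main

import (
	"fmt"
	"net/url"
	"path/filepath"
	"strings"
)

// resolveVulnerable mirrors the weak pattern behind CVE-2021-43798 in a
// hypothetical "/public/plugins/<id>/<file>" handler: the remainder of the URL
// is joined onto the plugin's asset directory and served. filepath.Join cleans
// ".." segments instead of rejecting them, so enough of them climb above
// pluginDir and the handler happily serves whatever they point at.
func resolveVulnerable(pluginDir, rel string) string {
	return filepath.Join(pluginDir, rel)
}

// resolveSafe performs the same join, then refuses any result that does not
// stay inside pluginDir. The second return value is false for escape attempts.
func resolveSafe(pluginDir, rel string) (string, bool) {
	root := filepath.Clean(pluginDir)
	full := filepath.Join(root, rel) // Join also cleans the result
	if full != root && !strings.HasPrefix(full, root+string(filepath.Separator)) {
		return "", false
	}
	return full, true
}

// requestTarget extracts the request target from a Common Log Format line,
// i.e. the "/public/..." part of `"GET /public/... HTTP/1.1"`.
func requestTarget(line string) string {
	start := strings.Index(line, "\"")
	if start < 0 {
		return ""
	}
	end := strings.Index(line[start+1:], "\"")
	if end < 0 {
		return ""
	}
	fields := strings.Fields(line[start+1 : start+1+end])
	if len(fields) < 2 {
		return ""
	}
	return fields[1]
}

// isTraversalRequest reports whether the request target carries a parent-
// directory reference: percent-encoded ("..%2f", "%2e%2e"), which is what the
// article recommends grepping for, or a literal "../", which a normal browser
// would have collapsed before sending and is therefore suspicious on its own.
func isTraversalRequest(target string) bool {
	lower := strings.ToLower(target)
	if strings.Contains(lower, "..%2f") || strings.Contains(lower, "%2e%2e") {
		return true
	}
	decoded, err := url.PathUnescape(target)
	if err != nil {
		decoded = target
	}
	return strings.Contains(decoded, "../")
}

// traversalTraces returns the log lines whose request looks like a traversal attempt.
func traversalTraces(lines []string) []string {
	var hits []string
	for _, line := range lines {
		if isTraversalRequest(requestTarget(line)) {
			hits = append(hits, line)
		}
	}
	return hits
}

// sampleLog is constructed for this example; addresses and timestamps are not real.
var sampleLog = []string{
	`203.0.113.7 - - [07/Dec/2021:10:12:01 +0000] "GET /public/plugins/prometheus/..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2fetc/passwd HTTP/1.1" 200 1817`,
	`198.51.100.4 - - [07/Dec/2021:10:12:05 +0000] "GET /public/plugins/graph/module.js HTTP/1.1" 200 52034`,
	`203.0.113.7 - - [07/Dec/2021:10:12:09 +0000] "GET /public/plugins/mysql/../../../../../../../../etc/passwd HTTP/1.1" 200 1817`,
}

func main() {
	const pluginDir = "/var/lib/grafana/plugins/prometheus" // assumed install path
	const evil = "../../../../../../../../etc/passwd"
	fmt.Println("vulnerable handler resolves to:", resolveVulnerable(pluginDir, evil))
	_, ok := resolveSafe(pluginDir, evil)
	fmt.Println("hardened handler accepts it:", ok)
	for _, hit := range traversalTraces(sampleLog) {
		fmt.Println("traversal trace:", hit)
	}
}
```

Browsers and most HTTP client libraries collapse "../" before the request leaves the machine, so reproducing the request quoted above needs a client that sends the path verbatim (for example curl with --path-as-is) or the percent-encoded "..%2f" form; that encoded form is also why it is the better string to search for in logs. The containment check in resolveSafe is the general fix for this class of bug and applies equally to any other endpoint that builds a filesystem path from request input.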


The problem has been present since version 8.0.0-beta1 and was fixed in the Grafana 8.3.1, 8.2.7, 8.1.8 and 8.0.7 releases. After that, two more similar vulnerabilities were identified (CVE-2021-43813 and CVE-2021-43815), present since Grafana 5.0.0 and Grafana 8.0.0-beta3 respectively, which allow an authenticated Grafana user to read arbitrary files on the system with the ".md" and ".csv" extensions (with file names entirely in lowercase or entirely in uppercase) by manipulating ".." segments in the "/api/plugins/.*/markdown/.*" and "/api/ds/query" paths. The Grafana 8.3.2 and 7.5.12 updates were produced to eliminate these vulnerabilities.

Source: opennet.ru
