Published: 02/07/2021 Updated: 07/11/2023

CVSS v2 Base Score: 4 | Impact Score: 2.9 | Exploitability Score: 8

CVSS v3 Base Score: 6.5 | Impact Score: 3.6 | Exploitability Score: 2.8

VMScore: 356

Vector: AV:N/AC:L/Au:S/C:P/I:N/A:N

In the Druid ingestion system, the InputSource is used for reading data from a certain data source. However, the HTTP InputSource allows authenticated users to read data from other sources than intended, such as the local file system, with the privileges of the Druid server process. This is not an elevation of privilege when users access Druid directly, since Druid also provides the Local InputSource, which allows the same level of access. But it is problematic when users interact with Druid indirectly through an application that allows users to specify the HTTP InputSource, but not the Local InputSource. In this case, users could bypass the application-level restriction by passing a file URL to the HTTP InputSource.

Vulnerable Product	Search on Vulmon	Subscribe to Product
apache druid

In the Druid ingestion system, the InputSource is used for reading data from a certain data source However, the HTTP InputSource allows authenticated users to read data from other sources than intended, such as the local file system, with the privileges of the Druid server process This is not an elevation of privilege when users access Druid dire ...

oss-sec mailing list archives   By Date By Thread </form>    CVE-2021-36749: Apache Druid: The HTTP inputSource allows authenticated users to read data from other sources than intended (in ...

oss-sec mailing list archives   By Date By Thread </form>    CVE-2021-26920: Apache Druid: The HTTP inputSource allows authenticated users to read data from other sources than intended <! ...

CVE-2021-36749 About - In the Druid ingestion system, the InputSource is used for reading data from a certain data source However, the HTTP InputSource allows authenticated users to read data from other sources than intended, such as the local file system, with the privileges of the Druid server process This is not an elevation of privilege when users access Druid directly, s

CWE-610 https://lists.apache.org/thread.html/r29e45561343cc5cf7d3290ee0b0e94e565faab19c20d022df9b5e29c%40%3Cdev.druid.apache.org%3E http://www.openwall.com/lists/oss-security/2021/07/02/1 http://www.openwall.com/lists/oss-security/2021/09/24/1 https://lists.apache.org/thread.html/r61aab724cf97d80da7f02d50e9af6de5c7c40dd92dab7518746fbaa2%40%3Cannounce.apache.org%3E https://lists.apache.org/thread.html/rc9400a70d0ec5cdb8a3486fc5ddb0b5282961c0b63e764abfbcb9f5d%40%3Cdev.druid.apache.org%3E https://lists.apache.org/thread.html/r304dfe56a5dfe1b2d9166b24d2c74ad1c6730338b20aef77a00ed2be%40%3Cannounce.apache.org%3E https://nvd.nist.gov https://github.com/dorkerdevil/CVE-2021-36749 https://access.redhat.com/security/cve/cve-2021-26920

CVE-2021-26920

Vulnerability Summary

Vulnerability Trend

Vendor Advisories

Mailing Lists

Github Repositories

References

Vulmon Search

About

Products

Connect