CVE-2021-32813

03.08.2021, 23:15

Traefik is an HTTP reverse proxy and load balancer. Prior to version 2.4.13, there exists a potential header vulnerability in Traefik's handling of the Connection header. Active exploitation of this issue is unlikely, as it requires that a removed header would lead to a privilege escalation, however, the Traefik team has addressed this issue to prevent any potential abuse. If one has a chain of Traefik middlewares, and one of them sets a request header, then sending a request with a certain Connection header will cause it to be removed before the request is sent. In this case, the backend does not see the request header. A patch is available in version 2.4.13. There are no known workarounds aside from upgrading.

Provider	Type	Base Score	Atk. Vector	Atk. Complexity	Priv. Required	Vector
NIST	NIST	4.8 MEDIUM	NETWORK	HIGH	NONE	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N
GitHub_M	CNA	4.8 MEDIUM	NETWORK	HIGH	NONE	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N
CVE	ADP	---				---

Base Score

CVSS 3.x

EPSS Score

Percentile: 58%

Vendor	Product	Version
traefik	traefik	𝑥 < 2.4.13

𝑥

= Vulnerable software versions

Common Weakness Enumeration

CWE-913 - Improper Control of Dynamically-Managed Code Resources
The software does not properly restrict reading from or writing to dynamically-managed code resources such as variables, objects, classes, attributes, functions, or executable instructions or statements.

References

https://github.com/traefik/traefik/pull/8319/commits/cbaf86a93014a969b8accf39301932c17d0d73f9

https://github.com/traefik/traefik/releases/tag/v2.4.13

https://github.com/traefik/traefik/security/advisories/GHSA-m697-4v8f-55qg

https://github.com/traefik/traefik/pull/8319/commits/cbaf86a93014a969b8accf39301932c17d0d73f9

https://github.com/traefik/traefik/releases/tag/v2.4.13

https://github.com/traefik/traefik/security/advisories/GHSA-m697-4v8f-55qg