fkie_cve-2021-37625
Vulnerability from fkie_nvd
Published
2021-08-05 18:15
Modified
2024-11-21 06:15
Severity ?
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Summary
Skytable is an open source NoSQL database. In versions prior to 0.6.4 an incorrect check of return value of the accept function in the run-loop for a TCP socket/TLS socket/TCP+TLS multi-socket causes an early exit from the run loop that should continue infinitely unless terminated by a local user, effectively causing the whole database server to shut down. This has severe impact and can be used to easily cause DoS attacks without the need to use much bandwidth. The attack vectors include using an incomplete TLS connection for example by not providing the certificate for the connection and using a specially crafted TCP packet that triggers the application layer backoff algorithm.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| security-advisories@github.com | https://github.com/skytable/skytable/commit/bb19d024ea1e5e0c9a3d75a9ee58ff03c70c7e5d | Patch, Third Party Advisory | |
| security-advisories@github.com | https://github.com/skytable/skytable/security/advisories/GHSA-q27r-h25m-hcc7 | Third Party Advisory | |
| security-advisories@github.com | https://security.skytable.io/ve/s/00002.html | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://github.com/skytable/skytable/commit/bb19d024ea1e5e0c9a3d75a9ee58ff03c70c7e5d | Patch, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://github.com/skytable/skytable/security/advisories/GHSA-q27r-h25m-hcc7 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://security.skytable.io/ve/s/00002.html | Patch, Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| skytable | skytable | 0.1.0 | |
| skytable | skytable | 0.2.0 | |
| skytable | skytable | 0.3.0 | |
| skytable | skytable | 0.3.1 | |
| skytable | skytable | 0.3.2 | |
| skytable | skytable | 0.4.0 | |
| skytable | skytable | 0.4.1 | |
| skytable | skytable | 0.4.2 | |
| skytable | skytable | 0.4.3 | |
| skytable | skytable | 0.4.4 | |
| skytable | skytable | 0.4.5 | |
| skytable | skytable | 0.5.0 | |
| skytable | skytable | 0.5.1 | |
| skytable | skytable | 0.5.2 | |
| skytable | skytable | 0.6.0 | |
| skytable | skytable | 0.6.1 | |
| skytable | skytable | 0.6.2 | |
| skytable | skytable | 0.6.3 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:skytable:skytable:0.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0B7A0023-9DCA-437D-BCF7-6E1EA2899E27",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:skytable:skytable:0.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "790FC927-0EBF-4AE6-A4B4-90310C149DE3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:skytable:skytable:0.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "129E6A3A-81EB-4584-AE12-1B9A74699747",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:skytable:skytable:0.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "D48FA2A6-1FDF-4677-8ABF-DF3BE6935284",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:skytable:skytable:0.3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "001BF079-4783-4197-8D43-367535FAD983",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:skytable:skytable:0.4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "9BFB2633-7F65-45AA-AC30-461CA771A770",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:skytable:skytable:0.4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "19C54D4B-2164-483C-A9C5-9F60F6B2D512",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:skytable:skytable:0.4.2:*:*:*:*:*:*:*",
"matchCriteriaId": "4431E8E5-BFA8-4DD1-81D1-9A092EE362D9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:skytable:skytable:0.4.3:*:*:*:*:*:*:*",
"matchCriteriaId": "4335E944-F8E7-4C35-9BE9-4007D10B9A35",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:skytable:skytable:0.4.4:*:*:*:*:*:*:*",
"matchCriteriaId": "5EDF3B93-D0FA-451D-8DD4-18F7A417A8E8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:skytable:skytable:0.4.5:*:*:*:*:*:*:*",
"matchCriteriaId": "C23C9BA7-AC91-4EA8-BAAC-03A545C4E499",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:skytable:skytable:0.5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C64C814B-E134-40F4-B2BC-AB7A8D7A04AC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:skytable:skytable:0.5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "95DF9168-46E2-4A19-A9A2-7A6334FA9C4B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:skytable:skytable:0.5.2:*:*:*:*:*:*:*",
"matchCriteriaId": "280D42AA-9441-437D-BAC6-73DCA0A7C0DF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:skytable:skytable:0.6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "2284DFFE-9C99-4877-886A-E79D7DBD8E8A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:skytable:skytable:0.6.1:*:*:*:*:*:*:*",
"matchCriteriaId": "8E2B7E5F-9305-4FFE-8C15-7D9BC9C514C5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:skytable:skytable:0.6.2:*:*:*:*:*:*:*",
"matchCriteriaId": "FE19B368-C086-4575-99E2-F9BEBE7DB161",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:skytable:skytable:0.6.3:*:*:*:*:*:*:*",
"matchCriteriaId": "CAEFFEC6-4B0A-49FC-BFEF-434E4384763D",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Skytable is an open source NoSQL database. In versions prior to 0.6.4 an incorrect check of return value of the accept function in the run-loop for a TCP socket/TLS socket/TCP+TLS multi-socket causes an early exit from the run loop that should continue infinitely unless terminated by a local user, effectively causing the whole database server to shut down. This has severe impact and can be used to easily cause DoS attacks without the need to use much bandwidth. The attack vectors include using an incomplete TLS connection for example by not providing the certificate for the connection and using a specially crafted TCP packet that triggers the application layer backoff algorithm."
},
{
"lang": "es",
"value": "Skytable es una base de datos NoSQL de c\u00f3digo abierto. En versiones anteriores a 0.6.4, una comprobaci\u00f3n incorrecta del valor de retorno de la funci\u00f3n accept en el bucle de ejecuci\u00f3n para un socket TCP/socket TLS/multisocket TCP+TLS causa una salida anticipada del bucle de ejecuci\u00f3n que deber\u00eda continuar infinitamente a menos que sea terminado por un usuario local, causando efectivamente el cierre de todo el servidor de base de datos. Esto presenta un impacto severo y puede ser usado para causar f\u00e1cilmente ataques DoS sin necesidad de usar mucho ancho de banda. Los vectores de ataque incluyen el uso de una conexi\u00f3n TLS incompleta, por ejemplo, no proporcionando el certificado para la conexi\u00f3n, y usando de un paquete TCP especialmente dise\u00f1ado que desencadena el algoritmo de backoff de la capa de aplicaci\u00f3n"
}
],
"id": "CVE-2021-37625",
"lastModified": "2024-11-21T06:15:32.933",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "security-advisories@github.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-08-05T18:15:07.443",
"references": [
{
"source": "security-advisories@github.com",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://github.com/skytable/skytable/commit/bb19d024ea1e5e0c9a3d75a9ee58ff03c70c7e5d"
},
{
"source": "security-advisories@github.com",
"tags": [
"Third Party Advisory"
],
"url": "https://github.com/skytable/skytable/security/advisories/GHSA-q27r-h25m-hcc7"
},
{
"source": "security-advisories@github.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://security.skytable.io/ve/s/00002.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://github.com/skytable/skytable/commit/bb19d024ea1e5e0c9a3d75a9ee58ff03c70c7e5d"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://github.com/skytable/skytable/security/advisories/GHSA-q27r-h25m-hcc7"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://security.skytable.io/ve/s/00002.html"
}
],
"sourceIdentifier": "security-advisories@github.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-252"
},
{
"lang": "en",
"value": "CWE-253"
}
],
"source": "security-advisories@github.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-252"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.
Loading…
Loading…