CVE-2021-3524: Input Validation
First published: Thu Apr 15 2021(Updated: )
A flaw was found in the Red Hat Ceph Storage RadosGW (Ceph Object Gateway) in versions before 14.2.21. The vulnerability is related to the injection of HTTP headers via a CORS ExposeHeader tag. The newline character in the ExposeHeader tag in the CORS configuration file generates a header injection in the response when the CORS request is made. In addition, the prior bug fix for CVE-2020-10753 did not account for the use of \r as a header separator, thus a new flaw has been created.
Credit: secalert@redhat.com secalert@redhat.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| redhat/ceph | <2:14.2.22-110.el7c | 2:14.2.22-110.el7c |
| redhat/ceph | <2:16.2.7-98.el8c | 2:16.2.7-98.el8c |
| redhat/ceph | <14.2.21 | 14.2.21 |
| Redhat Ceph | <14.2.21 | |
| Redhat Ceph Storage | =4.0 | |
| Fedoraproject Fedora | =32 | |
| Fedoraproject Fedora | =33 | |
| Fedoraproject Fedora | =34 | |
| Debian Debian Linux | =9.0 |
Remedy
Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- https://bugzilla.redhat.com/show_bug.cgi?id=1951674
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LPCJN2YDZCBMF4FOJXSTAADKFGEQEO7O/
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FX5ZHI5L7FOHXOSEV3TYBAL66DMLJ7V5/
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZRUNDH2TJRZRWL3DCH2PQ6KROWTPQ7AJ/
- https://lists.debian.org/debian-lts-announce/2021/08/msg00013.html
- https://lists.debian.org/debian-lts-announce/2023/10/msg00034.html
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FX5ZHI5L7FOHXOSEV3TYBAL66DMLJ7V5/
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LPCJN2YDZCBMF4FOJXSTAADKFGEQEO7O/
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZRUNDH2TJRZRWL3DCH2PQ6KROWTPQ7AJ/
- https://bugzilla.redhat.com/show_bug.cgi/show_bug.cgi?id=1958426
- https://github.com/ceph/ceph/releases/tag/v14.2.21
- https://access.redhat.com/errata/RHSA-2022:1174
- https://access.redhat.com/errata/RHSA-2022:1716
- https://access.redhat.com/security/cve/cve-2021-3524
- https://www.cve.org/CVERecord?id=CVE-2021-3524 https://nvd.nist.gov/vuln/detail/CVE-2021-3524
Frequently Asked Questions
What is CVE-2021-3524?
CVE-2021-3524 is a vulnerability found in the Red Hat Ceph Storage RadosGW (Ceph Object Gateway) before version 14.2.21.
How severe is CVE-2021-3524?
CVE-2021-3524 has a severity rating of 6.5 (medium).
What is the vulnerability in CVE-2021-3524 related to?
The vulnerability in CVE-2021-3524 is related to the injection of HTTP headers via a CORS ExposeHeader tag.
Which versions of Red Hat Ceph Storage RadosGW are affected by CVE-2021-3524?
Versions before 14.2.21 of Red Hat Ceph Storage RadosGW are affected by CVE-2021-3524.
How can I fix CVE-2021-3524?
To fix CVE-2021-3524, you should update your Red Hat Ceph Storage RadosGW to version 14.2.21 or later.
- collector/redhat-cve
- agent/author
- agent/type
- agent/last-modified-date
- agent/first-publish-date
- agent/references
- agent/remedy
- agent/severity
- agent/weakness
- collector/redhat-bugzilla
- source/Red Hat
- alias/CVE-2021-3524
- agent/software-canonical-lookup
- agent/event
- collector/nvd-index
- agent/software-canonical-lookup-request
- collector/nvd-api
- agent/softwarecombine
- agent/tags
- agent/description
- collector/mitre-cve
- source/MITRE
- package-manager/redhat
- vendor/redhat
- canonical/redhat ceph
- canonical/redhat ceph storage
- version/redhat ceph storage/4.0
- vendor/fedoraproject
- canonical/fedoraproject fedora
- version/fedoraproject fedora/32
- version/fedoraproject fedora/33
- version/fedoraproject fedora/34
- vendor/debian
- canonical/debian debian linux
- version/debian debian linux/9.0