NVD Vulnerability Detail

CVE-2021-21276

Summary	Polr is an open source URL shortener. in Polr before version 2.3.0, a vulnerability in the setup process allows attackers to gain admin access to site instances, even if they do not possess an existing account. This vulnerability exists regardless of users' settings. If an attacker crafts a request with specific cookie headers to the /setup/finish endpoint, they may be able to obtain admin privileges on the instance. This is caused by a loose comparison (==) in SetupController that is susceptible to attack. The project has been patched to ensure that a strict comparison (===) is used to verify the setup key, and that /setup/finish verifies that no users table exists before performing any migrations or provisioning any new accounts. This is fixed in version 2.3.0. Users can patch this vulnerability without upgrading by adding abort(404) to the very first line of finishSetup in SetupController.php.
Publication Date	Feb. 2, 2021, 12:15 a.m.
Registration Date	Feb. 2, 2021, 10:01 a.m.
Last Update	Nov. 21, 2024, 2:47 p.m.

Affected software configurations

Configuration1		or higher	or less	more than	less than
cpe:2.3:a:polrproject:polr::::::::					2.3.0

Related information, measures and tools

No	URL	タグ
1	http://packetstormsecurity.com/files/171743/POLR-URL-2.3.0-Shortener-Admin-Takeover.html
2	http://packetstormsecurity.com/files/171743/POLR-URL-2.3.0-Shortener-Admin-Takeover.html
3	https://github.com/cydrobolt/polr/commit/b1981709908caf6069b4a29dad3b6739c322c675	Patch Third Party Advisory
4	https://github.com/cydrobolt/polr/commit/b1981709908caf6069b4a29dad3b6739c322c675	Patch Third Party Advisory
5	https://github.com/cydrobolt/polr/releases/tag/2.3.0	Release Notes Third Party Advisory
6	https://github.com/cydrobolt/polr/releases/tag/2.3.0	Release Notes Third Party Advisory
7	https://github.com/cydrobolt/polr/security/advisories/GHSA-vg6w-8w9v-xxqc	Third Party Advisory
8	https://github.com/cydrobolt/polr/security/advisories/GHSA-vg6w-8w9v-xxqc	Third Party Advisory

Common Vulnerabilities List

JVN Vulnerability Information

Polr における不正な認証に関する脆弱性

Title	Polr における不正な認証に関する脆弱性
Summary	Polr には、不正な認証に関する脆弱性が存在します。
Possible impacts	情報を取得される、および情報を改ざんされる可能性があります。
Solution	ベンダより正式な対策が公開されています。ベンダ情報を参照して適切な対策を実施してください。
Publication Date	Jan. 29, 2021, midnight
Registration Date	Oct. 19, 2021, 5:23 p.m.
Last Update	Oct. 19, 2021, 5:23 p.m.

Affected System

Polr Project

Polr 2.3.0 未満

CVE (情報セキュリティ共通脆弱性識別子)

No	Name	URL
Common Vulnerabilities and Exposures (CVE)
1	CVE-2021-21276	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21276
National Vulnerability Database (NVD)
2	CVE-2021-21276	https://nvd.nist.gov/vuln/detail/CVE-2021-21276

CWE (共通脆弱性タイプ一覧)

No	Name	URL
JVNDB
1	CWE-863	https://cwe.mitre.org/data/definitions/863.html

ベンダー情報

No	Name	URL
GitHub
1	2.3.0	https://github.com/cydrobolt/polr/releases/tag/2.3.0b
2	Merge pull request from GHSA-vg6w-8w9v-xxqc	https://github.com/cydrobolt/polr/commit/b1981709908caf6069b4a29dad3b6739c322c675
3	Privilege escalation vulnerability in setup process	https://github.com/cydrobolt/polr/security/advisories/GHSA-vg6w-8w9v-xxqc

Change Log

No	Changed Details	Date of change
1	[2021年10月19日] 掲載	Oct. 19, 2021, 5:23 p.m.