NVD脆弱性詳細

CVE-2021-42013

概要	It was found that the fix for CVE-2021-41773 in Apache HTTP Server 2.4.50 was insufficient. An attacker could use a path traversal attack to map URLs to files outside the directories configured by Alias-like directives. If files outside of these directories are not protected by the usual default configuration "require all denied", these requests can succeed. If CGI scripts are also enabled for these aliased pathes, this could allow for remote code execution. This issue only affects Apache 2.4.49 and Apache 2.4.50 and not earlier versions.
公表日	2021年10月8日1:15
登録日	2021年10月8日10:00
最終更新日	2024年11月21日15:27

CVSS3.1 : CRITICAL
スコア	9.8
ベクター	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
攻撃元区分(AV)	ネットワーク
攻撃条件の複雑さ(AC)	低
攻撃に必要な特権レベル(PR)	不要
利用者の関与(UI)	不要
影響の想定範囲(S)	変更なし
機密性への影響(C)	高
完全性への影響(I)	高
可用性への影響(A)	高

CVSS2.0 : HIGH
スコア	7.5
ベクター	AV:N/AC:L/Au:N/C:P/I:P/A:P
攻撃元区分(AV)	ネットワーク
攻撃条件の複雑さ(AC)	低
攻撃前の認証要否(Au)	不要
機密性への影響(C)	低
完全性への影響(I)	低
可用性への影響(A)	低
全ての特権を取得	いいえ
ユーザー権限を取得	いいえ
その他の権限を取得	いいえ
ユーザー操作が必要	いいえ

影響を受けるソフトウェアの構成

構成1	以上	以下	より上	未満
cpe:2.3:a:apache:http_server:2.4.49:::::::*
cpe:2.3:a:apache:http_server:2.4.50:::::::*

構成2	以上	以下	より上	未満
cpe:2.3:o:fedoraproject:fedora:34:::::::*
cpe:2.3:o:fedoraproject:fedora:35:::::::*

構成3	以上	以下	より上	未満
cpe:2.3:a:oracle:instantis_enterprisetrack:17.1:::::::*
cpe:2.3:a:oracle:instantis_enterprisetrack:17.2:::::::*
cpe:2.3:a:oracle:instantis_enterprisetrack:17.3:::::::*
cpe:2.3:a:oracle:jd_edwards_enterpriseone_tools::::::::				9.2.6.0
cpe:2.3:a:oracle:secure_backup::::::::				18.1.0.1.0

構成4		以上	以下	より上	未満
cpe:2.3:a:netapp:cloud_backup:-:::::::*

関連情報、対策とツール

No	URL	タグ
1	http://jvn.jp/en/jp/JVN51106450/index.html	Third Party Advisory
2	http://jvn.jp/en/jp/JVN51106450/index.html	Third Party Advisory
3	http://packetstormsecurity.com/files/164501/Apache-HTTP-Server-2.4.50-Path-Traversal-Code-Execution.html	Exploit Third Party Advisory VDB Entry
4	http://packetstormsecurity.com/files/164501/Apache-HTTP-Server-2.4.50-Path-Traversal-Code-Execution.html	Exploit Third Party Advisory VDB Entry
5	http://packetstormsecurity.com/files/164609/Apache-HTTP-Server-2.4.50-Remote-Code-Execution.html	Exploit Third Party Advisory VDB Entry
6	http://packetstormsecurity.com/files/164609/Apache-HTTP-Server-2.4.50-Remote-Code-Execution.html	Exploit Third Party Advisory VDB Entry
7	http://packetstormsecurity.com/files/164629/Apache-2.4.49-2.4.50-Traversal-Remote-Code-Execution.html	Exploit Third Party Advisory VDB Entry
8	http://packetstormsecurity.com/files/164629/Apache-2.4.49-2.4.50-Traversal-Remote-Code-Execution.html	Exploit Third Party Advisory VDB Entry
9	http://packetstormsecurity.com/files/164941/Apache-HTTP-Server-2.4.50-Remote-Code-Execution.html	Exploit Third Party Advisory VDB Entry
10	http://packetstormsecurity.com/files/164941/Apache-HTTP-Server-2.4.50-Remote-Code-Execution.html	Exploit Third Party Advisory VDB Entry
11	http://packetstormsecurity.com/files/165089/Apache-HTTP-Server-2.4.50-CVE-2021-42013-Exploitation.html	Third Party Advisory VDB Entry
12	http://packetstormsecurity.com/files/165089/Apache-HTTP-Server-2.4.50-CVE-2021-42013-Exploitation.html	Third Party Advisory VDB Entry
13	http://packetstormsecurity.com/files/167397/Apache-2.4.50-Remote-Code-Execution.html	Exploit Third Party Advisory VDB Entry
14	http://packetstormsecurity.com/files/167397/Apache-2.4.50-Remote-Code-Execution.html	Exploit Third Party Advisory VDB Entry
15	http://www.openwall.com/lists/oss-security/2021/10/07/6	Mailing List Third Party Advisory
16	http://www.openwall.com/lists/oss-security/2021/10/07/6	Mailing List Third Party Advisory
17	http://www.openwall.com/lists/oss-security/2021/10/08/1	Mailing List Third Party Advisory
18	http://www.openwall.com/lists/oss-security/2021/10/08/1	Mailing List Third Party Advisory
19	http://www.openwall.com/lists/oss-security/2021/10/08/2	Mailing List Third Party Advisory
20	http://www.openwall.com/lists/oss-security/2021/10/08/2	Mailing List Third Party Advisory
21	http://www.openwall.com/lists/oss-security/2021/10/08/3	Mailing List Third Party Advisory
22	http://www.openwall.com/lists/oss-security/2021/10/08/3	Mailing List Third Party Advisory
23	http://www.openwall.com/lists/oss-security/2021/10/08/4	Mailing List Third Party Advisory
24	http://www.openwall.com/lists/oss-security/2021/10/08/4	Mailing List Third Party Advisory
25	http://www.openwall.com/lists/oss-security/2021/10/08/5	Mailing List Third Party Advisory
26	http://www.openwall.com/lists/oss-security/2021/10/08/5	Mailing List Third Party Advisory
27	http://www.openwall.com/lists/oss-security/2021/10/08/6	Mailing List Third Party Advisory
28	http://www.openwall.com/lists/oss-security/2021/10/08/6	Mailing List Third Party Advisory
29	http://www.openwall.com/lists/oss-security/2021/10/09/1	Mailing List Third Party Advisory
30	http://www.openwall.com/lists/oss-security/2021/10/09/1	Mailing List Third Party Advisory
31	http://www.openwall.com/lists/oss-security/2021/10/11/4	Mailing List Third Party Advisory
32	http://www.openwall.com/lists/oss-security/2021/10/11/4	Mailing List Third Party Advisory
33	http://www.openwall.com/lists/oss-security/2021/10/15/3	Mailing List Third Party Advisory
34	http://www.openwall.com/lists/oss-security/2021/10/15/3	Mailing List Third Party Advisory
35	http://www.openwall.com/lists/oss-security/2021/10/16/1	Mailing List Third Party Advisory
36	http://www.openwall.com/lists/oss-security/2021/10/16/1	Mailing List Third Party Advisory
37	https://httpd.apache.org/security/vulnerabilities_24.html	Release Notes Vendor Advisory
38	https://httpd.apache.org/security/vulnerabilities_24.html	Release Notes Vendor Advisory
39	https://lists.apache.org/thread.html/r17a4c6ce9aff662efd9459e9d1850ab4a611cb23392fc68264c72cb3%40%3Ccvs.httpd.apache.org%3E	Mailing List Patch
40	https://lists.apache.org/thread.html/r17a4c6ce9aff662efd9459e9d1850ab4a611cb23392fc68264c72cb3%40%3Ccvs.httpd.apache.org%3E	Mailing List Patch
41	https://lists.apache.org/thread.html/r7c795cd45a3384d4d27e57618a215b0ed19cb6ca8eb070061ad5d837%40%3Cannounce.apache.org%3E	Mailing List
42	https://lists.apache.org/thread.html/r7c795cd45a3384d4d27e57618a215b0ed19cb6ca8eb070061ad5d837%40%3Cannounce.apache.org%3E	Mailing List
43	https://lists.apache.org/thread.html/rb5b0e46f179f60b0c70204656bc52fcb558e961cb4d06a971e9e3efb%40%3Cusers.httpd.apache.org%3E	Mailing List
44	https://lists.apache.org/thread.html/rb5b0e46f179f60b0c70204656bc52fcb558e961cb4d06a971e9e3efb%40%3Cusers.httpd.apache.org%3E	Mailing List
45	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RMIIEFINL6FUIOPD2A3M5XC6DH45Y3CC/	Release Notes
46	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RMIIEFINL6FUIOPD2A3M5XC6DH45Y3CC/	Release Notes
47	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WS5RVHOIIRECG65ZBTZY7IEJVWQSQPG3/	Release Notes
48	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WS5RVHOIIRECG65ZBTZY7IEJVWQSQPG3/	Release Notes
49	https://security.gentoo.org/glsa/202208-20	Third Party Advisory
50	https://security.gentoo.org/glsa/202208-20	Third Party Advisory
51	https://security.netapp.com/advisory/ntap-20211029-0009/	Third Party Advisory
52	https://security.netapp.com/advisory/ntap-20211029-0009/	Third Party Advisory
53	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-httpd-pathtrv-LAzg68cZ	Third Party Advisory
54	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-httpd-pathtrv-LAzg68cZ	Third Party Advisory
55	https://www.oracle.com/security-alerts/cpuapr2022.html	Patch Third Party Advisory
56	https://www.oracle.com/security-alerts/cpuapr2022.html	Patch Third Party Advisory
57	https://www.oracle.com/security-alerts/cpujan2022.html	Patch Third Party Advisory
58	https://www.oracle.com/security-alerts/cpujan2022.html	Patch Third Party Advisory
59	https://www.povilaika.com/apache-2-4-50-exploit/	Exploit Third Party Advisory
60	https://www.povilaika.com/apache-2-4-50-exploit/	Exploit Third Party Advisory

共通脆弱性一覧

No	CWE	名前	URL
1	CWE-22	パス・トラバーサル	https://cwe.mitre.org/data/definitions/22.html

JVN脆弱性情報

Apache HTTP Server におけるディレクトリトラバーサルの脆弱性

タイトル	Apache HTTP Server におけるディレクトリトラバーサルの脆弱性
概要	The Apache Software Foundation が提供する Apache HTTP Server には、ディレクトリトラバーサル (CWE-22) の脆弱性が存在します。この脆弱性情報は、次の方が製品開発者に直接報告し、製品開発者との調整を経て、製品利用者への周知を目的に JVN での公表に至りました。報告者: 株式会社インターネットイニシアティブ熊坂駿吾氏
想定される影響	遠隔の第三者によって、ドキュメントルート外に置かれた「require all denied」で保護されていないファイルにアクセスされる可能性があります。さらに、CGI スクリプトが有効な場合、任意のコードを実行される可能性があります。
対策	[アップデートする] 開発者が提供する情報をもとに、最新版へアップデートしてください。
公表日	2021年10月8日0:00
登録日	2021年10月8日15:55
最終更新日	2023年12月12日16:40

影響を受けるシステム

Apache Software Foundation

Apache HTTP Server 2.4.49 および 2.4.50

日立

日立高信頼サーバ RV3000

CVE (情報セキュリティ共通脆弱性識別子)

No	名前	URL
Common Vulnerabilities and Exposures (CVE)
1	CVE-2021-42013	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42013

CWE (共通脆弱性タイプ一覧)

No	名前	URL
JVNDB
1	CWE-22	https://jvndb.jvn.jp/ja/cwe/CWE-22.html

ベンダー情報

No	名前	URL
Apache
1	Changes with Apache 2.4.51	https://downloads.apache.org/httpd/CHANGES_2.4.51
Apache httpd 2.4 vulnerabilities
2	Fixed in Apache HTTP Server 2.4.51	https://httpd.apache.org/security/vulnerabilities_24.html#2.4.51
サーバ・クライアント製品セキュリティ情報
3	hitachi-sec-2023-217	https://www.hitachi.co.jp/products/it/server/security/info/vulnerable/hitachi_sec_2023_217.html

その他

No	名前	URL
IPA 重要なセキュリティ情報
1	更新：Apache HTTP Server の脆弱性対策について(CVE-2021-41773, CVE-2021-42013)	https://www.ipa.go.jp/security/ciadr/vul/alert20211006.html
JPCERT 注意喚起
2	Apache HTTP Serverのパストラバーサルの脆弱性（CVE-2021-41773）に関する注意喚起	https://www.jpcert.or.jp/at/2021/at210043.html
JVN
3	JVN#51106450	https://jvn.jp/jp/JVN51106450/index.html

変更履歴

No	変更内容	変更日
1	[2021年10月08日] 掲載	2021年10月8日12:13
2	[2023年12月12日] 影響を受けるシステム：ベンダ情報の追加に伴い内容を更新ベンダ情報：日立 (hitachi-sec-2023-217) を追加	2023年12月12日12:25