Vulnerability Description
All request mappings in `StreamingCoordinatorController.java` that handle the `/kylin/api/streaming_coordinator/*` REST API endpoints did not include any security checks. This allowed an unauthenticated user to issue arbitrary requests to the Kylin Coordinator, such as assigning or unassigning streaming cubes and creating, modifying or deleting replica sets. For endpoints that accept node details in the HTTP message body, unauthenticated (but limited) server-side request forgery (SSRF) can be achieved. This issue affects Apache Kylin 3.x versions prior to 3.1.2.
CVSS Score
7.5 (HIGH)
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Apache | Kylin | >= 3.0.0, < 3.1.2 |
References
- http://www.openwall.com/lists/oss-security/2022/01/06/6 (Mailing List, Third Party Advisory)
- https://lists.apache.org/thread/vkohh0to2vzwymyb2x13fszs3cs3vd70 (Mailing List, Vendor Advisory)
FAQ
What is CVE-2021-27738?
CVE-2021-27738 is a vulnerability with a CVSS score of 7.5 (HIGH). All request mappings in `StreamingCoordinatorController.java` handling `/kylin/api/streaming_coordinator/*` REST API endpoints did not include any security checks, which allowed an unauthenticated use...
How severe is CVE-2021-27738?
CVE-2021-27738 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for a detailed severity breakdown.
Is there a patch for CVE-2021-27738?
Check the references section above for vendor advisories and patch information. Affected products include: Apache Kylin.