CVE-2021-41267 — MEDIUM (6.5)

Q: How severe is CVE-2021-41267?

CVE-2021-41267 has been rated MEDIUM with a CVSS base score of 6.5/10. Review the CVSS metrics above for detailed severity breakdown.

Q: Is there a patch for CVE-2021-41267?

Check the references section above for vendor advisories and patch information. Affected products include: Sensiolabs Symfony.

Vulnerability Description

Symfony/Http-Kernel is the HTTP kernel component for Symfony, a PHP framework for web and console applications and a set of reusable PHP components. Headers that are not part of the "trusted_headers" allowed list are ignored and protect users from "Cache poisoning" attacks. In Symfony 5.2, maintainers added support for the `X-Forwarded-Prefix` headers, but this header was accessible in SubRequest, even if it was not part of the "trusted_headers" allowed list. An attacker could leverage this opportunity to forge requests containing a `X-Forwarded-Prefix` header, leading to a web cache poisoning issue. Versions 5.3.12 and later have a patch to ensure that the `X-Forwarded-Prefix` header is not forwarded to subrequests when it is not trusted.

CVSS Score

6.5

MEDIUM

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality

NONE

Integrity

HIGH

Availability

NONE

Affected Products

Vendor	Product	Versions
Sensiolabs	Symfony	>= 5.2.0, < 5.3.12

Related Weaknesses (CWE)

CWE-444

References

https://github.com/symfony/symfony/commit/95dcf51682029e89450aee86267e3d553aa7c4PatchThird Party Advisory
https://github.com/symfony/symfony/pull/44243PatchThird Party Advisory
https://github.com/symfony/symfony/releases/tag/v5.3.12Release NotesThird Party Advisory
https://github.com/symfony/symfony/security/advisories/GHSA-q3j3-w37x-hq2qPatchThird Party Advisory
https://github.com/symfony/symfony/commit/95dcf51682029e89450aee86267e3d553aa7c4PatchThird Party Advisory
https://github.com/symfony/symfony/pull/44243PatchThird Party Advisory
https://github.com/symfony/symfony/releases/tag/v5.3.12Release NotesThird Party Advisory
https://github.com/symfony/symfony/security/advisories/GHSA-q3j3-w37x-hq2qPatchThird Party Advisory

FAQ

What is CVE-2021-41267?

CVE-2021-41267 is a vulnerability with a CVSS score of 6.5 (MEDIUM). Symfony/Http-Kernel is the HTTP kernel component for Symfony, a PHP framework for web and console applications and a set of reusable PHP components. Headers that are not part of the "trusted_headers" ...

How severe is CVE-2021-41267?

CVE-2021-41267 has been rated MEDIUM with a CVSS base score of 6.5/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2021-41267?

Check the references section above for vendor advisories and patch information. Affected products include: Sensiolabs Symfony.