Platform
nginx
Component
spnego-http-auth-nginx-module
Fixed in
1.1.2
CVE-2021-21335 describes an authentication bypass vulnerability within the SPNEGO HTTP Authentication Module for nginx. An attacker can bypass basic authentication by crafting a malformed username, potentially leading to unauthorized access. This issue affects versions of the module prior to 1.1.1, and a fix is available in version 1.1.1.
This vulnerability allows an attacker to bypass basic authentication within the nginx SPNEGO HTTP Authentication Module. By sending a specially crafted username, an attacker can potentially gain access to resources protected by basic authentication without providing valid credentials. The impact is significant as it can lead to unauthorized access to sensitive data or functionality exposed by the web server. This bypass circumvents the intended security controls, allowing attackers to impersonate legitimate users.
This CVE was publicly disclosed on March 8, 2021. There are currently no known active exploitation campaigns targeting this vulnerability. No public proof-of-concept exploits have been widely published. The vulnerability is not listed on the CISA KEV catalog at the time of this writing.
Organizations using nginx with the SPNEGO HTTP Authentication Module and relying on basic authentication for access control are at risk. This includes deployments where basic authentication is used for internal applications or services, and those with legacy configurations that haven't been updated recently.
• nginx / server:
# Check module version
nginx -V 2>&1 | grep -i spnego
• nginx / server:
# Check nginx access logs for suspicious username patterns (e.g., excessively long or containing unusual characters)
grep -Ei 'username=[[:alnum:]]{100,}' /var/log/nginx/access.log
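As an added example (not code from the advisory or from the spnego-http-auth-nginx-module project), the following Python script applies the log check above to nginx's default "combined" log format: it parses the $remote_user field of each line, flags values that are unusually long or contain characters outside what ordinary Basic or Kerberos principals use, and records whether the request was actually served (a 2xx/3xx status next to a malformed username is the pattern that would indicate a successful bypass rather than a failed attempt). The length threshold, the allowed character set and the sample log lines are constructed assumptions for this example.

```python
"""Scan nginx access logs (combined format) for anomalous $remote_user values."""
import re
from typing import Optional

# Regex for nginx's default "combined" log format. $remote_user is captured
# non-greedily so that odd characters inside it do not break the parse.
COMBINED_RE = re.compile(
    r'^(?P<addr>\S+) (?P<ident>\S+) (?P<user>.*?) \[(?P<time>[^\]]+)\] '
    r'"(?P<request>[^"]*)" (?P<status>\d{3}) (?P<size>\S+)'
)

# Thresholds are assumptions for this example, not values from the advisory.
MAX_USER_LEN = 64
# Allow what ordinary Basic/Kerberos principals contain: alphanumerics plus . _ @ -
ALLOWED_USER_RE = re.compile(r'^[A-Za-z0-9._@-]+$')


def parse_combined(line: str) -> Optional[dict]:
    """Return the fields of one combined-format line, or None if it does not parse."""
    m = COMBINED_RE.match(line)
    if not m:
        return None
    rec = m.groupdict()
    rec['status'] = int(rec['status'])
    return rec


def username_anomalies(user: str) -> list:
    """List the reasons a logged $remote_user looks malformed (empty list = looks normal)."""
    reasons = []
    if user == '-':            # nginx logs '-' when no credentials were presented
        return reasons
    if len(user) > MAX_USER_LEN:
        reasons.append(f'length {len(user)} exceeds {MAX_USER_LEN}')
    if not ALLOWED_USER_RE.match(user):
        reasons.append('contains characters outside the expected set')
    if '\\x' in user:          # nginx escapes control/non-printable bytes as \xHH
        reasons.append('contains escaped non-printable bytes')
    return reasons


def scan(log_text: str) -> list:
    """Return one finding per log line whose username is anomalous.

    'served' is True when the status is below 400, i.e. the request went
    through despite the odd username; that is the case worth investigating."""
    findings = []
    for lineno, line in enumerate(log_text.splitlines(), start=1):
        rec = parse_combined(line)
        if rec is None:
            continue
        reasons = username_anomalies(rec['user'])
        if reasons:
            findings.append({
                'line': lineno,
                'addr': rec['addr'],
                'user': rec['user'],
                'status': rec['status'],
                'served': rec['status'] < 400,
                'reasons': reasons,
            })
    return findings


# Constructed sample lines (not real traffic) in combined format.
SAMPLE_LOG = '\n'.join([
    '10.0.0.5 - alice [08/Mar/2021:10:01:12 +0000] "GET /reports HTTP/1.1" 200 512 "-" "curl/7.68.0"',
    '10.0.0.5 - - [08/Mar/2021:10:01:13 +0000] "GET /reports HTTP/1.1" 401 0 "-" "curl/7.68.0"',
    '10.0.0.9 - ' + 'a' * 120 + ' [08/Mar/2021:10:02:01 +0000] "GET /admin HTTP/1.1" 200 2048 "-" "python-requests/2.25.1"',
    '10.0.0.9 - bob@EXAMPLE.COM [08/Mar/2021:10:02:05 +0000] "GET /admin HTTP/1.1" 200 2048 "-" "curl/7.68.0"',
    '10.0.0.9 - ev\\x00il [08/Mar/2021:10:02:09 +0000] "GET /admin HTTP/1.1" 401 0 "-" "curl/7.68.0"',
])

if __name__ == '__main__':
    for f in scan(SAMPLE_LOG):
        flag = 'SERVED' if f['served'] else 'denied'
        print(f"line {f['line']}: {f['addr']} user={f['user'][:40]!r} "
              f"status={f['status']} ({flag}): {'; '.join(f['reasons'])}")
```

Run it against a real file with `scan(open('/var/log/nginx/access.log').read())`; if your server uses a custom `log_format`, adjust `COMBINED_RE` to match, since the parser only knows the default combined layout.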
Exploit status
EPSS
0.42% (62nd percentile)
CVSS vector
The primary mitigation for CVE-2021-21335 is to upgrade the SPNEGO HTTP Authentication Module to version 1.1.1 or later. If immediate upgrading is not possible due to compatibility issues or breaking changes, disabling basic authentication is a viable workaround. This prevents the vulnerability from being exploited, although it may impact legitimate users relying on basic authentication. Review nginx configuration to ensure basic authentication is only enabled where absolutely necessary.
Update the spnego-http-auth-nginx-module to version 1.1.1 or higher. Alternatively, you can disable Basic Authentication.
CVE-2021-21335 is a vulnerability in the SPNEGO HTTP Authentication Module for nginx that allows attackers to bypass basic authentication using a malformed username, potentially gaining unauthorized access.
You are affected if you are using the SPNEGO HTTP Authentication Module for nginx in versions 1.1.1 or earlier and have basic authentication enabled.
Upgrade the SPNEGO HTTP Authentication Module to version 1.1.1 or later. As a temporary workaround, disable basic authentication.
There are currently no known active exploitation campaigns targeting this vulnerability, but it remains a potential risk.
Refer to the nginx security advisory for details: https://mail.nginx.org/archives/announce/2021/Mar/msg00003.html